An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) (Exynos chipsets) software. Keymaster has an architectural problem because tlApi in TEE is not properly protected. The Samsung ID is SVE-2018-11792 (August 2018).
NVD-CWE-noinfo
CVE-2018-21075
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. The Call+ application can load classes from an unintended path, leading to Code Execution. The Samsung ID is SVE-2017-10886 (April 2018).
CVE-2018-20979
The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type.
CVE-2018-20959
Jura E8 devices lack Bluetooth connection security.
CVE-2018-20960
Nespresso Prodigio devices lack Bluetooth connection security.
CVE-2018-20880
cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445).