Filtered by vendor Samsung
Subscribe
Total
1539 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16270 | 1 Samsung | 20 Galaxy Gear, Galaxy Gear Firmware, Gear 2 and 17 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path.
|
|||||
| CVE-2018-16269 | 1 Samsung | 20 Galaxy Gear, Galaxy Gear Firmware, Gear 2 and 17 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
|
|||||
| CVE-2018-16268 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 3.3 LOW | 4.3 MEDIUM |
|
The SoundServer/FocusServer system services in Tizen allow an unprivileged process to perform media-related system actions, due to improper D-Bus security policy configurations. Such actions include playing an arbitrary sound file or DTMF tones. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
|
|||||
| CVE-2018-16267 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 4.8 MEDIUM | 8.1 HIGH |
|
The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu, and prompting a popup with arbitrary strings. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
|
|||||
| CVE-2018-16266 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 4.8 MEDIUM | 8.1 HIGH |
|
The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
|
|||||
| CVE-2018-16265 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
|
|||||
| CVE-2018-16264 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
|
|||||
| CVE-2018-16263 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
|
|||||
| CVE-2018-16262 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.
|
|||||
| CVE-2018-14908 | 1 Samsung | 1 Syncthru Web Service | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.
|
|||||
| CVE-2018-14904 | 1 Samsung | 1 Syncthru Web Service | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid.
|
|||||
| CVE-2018-14856 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | 5.8 MEDIUM | 6.3 MEDIUM |
|
Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
|
|||||
| CVE-2018-14855 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | 5.8 MEDIUM | 6.3 MEDIUM |
|
Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
|
|||||
| CVE-2018-14854 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | 5.8 MEDIUM | 6.3 MEDIUM |
|
Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
|
|||||
| CVE-2018-14853 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | 3.3 LOW | 4.3 MEDIUM |
|
A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783.
|
|||||
| CVE-2018-14852 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | 5.8 MEDIUM | 6.3 MEDIUM |
|
Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware.
|
|||||
| CVE-2018-14745 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029.
|
|||||
| CVE-2018-14318 | 1 Samsung | 2 Galaxy S8, Galaxy S8 Firmware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerab ...
Show More |
|||||
| CVE-2018-12038 | 1 Samsung | 2 840 Evo, 840 Evo Firmware | 2024-11-21 | 1.9 LOW | 4.2 MEDIUM |
|
An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key.
|
|||||
| CVE-2018-12037 | 2 Micron, Samsung | 14 Crucial Mx100, Crucial Mx100 Firmware, Crucial Mx200 and 11 more | 2024-11-21 | 1.9 LOW | 4.0 MEDIUM |
|
An issue was discovered on Samsung 840 EVO and 850 EVO devices (only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode), Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX300 devices. Absence of a cryptographic link between the password and the Disk Encryption Key allows attackers with privileged access to SSD firmware full access to encrypted data.
|
|||||
| CVE-2018-11689 | 2 Hanwha-security, Samsung | 19 Hrd-1641, Hrd-1641 Firmware, Hrd-1642 and 16 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. (The same Web Viewer codebase was transitioned from Samsung to Hanwha.)
|
|||||
| CVE-2018-11614 | 1 Samsung | 1 Samsung Members | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Intents. The issue lies in the ability to send an Intent that would not otherwise be reachable. An attacker can leverage this vulnerability to escalate privileges to resources norm ...
Show More |
|||||
| CVE-2018-10751 | 1 Samsung | 1 Samsung Mobile | 2024-11-21 | 5.4 MEDIUM | 5.3 MEDIUM |
|
A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463.
|
|||||
| CVE-2018-10502 | 1 Samsung | 1 Galaxy Apps | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of a staging mode. The issue lies in the ability to change the configuration based on the presence of a file in an user-controlled location. An attacker can leverage this vulnera ...
Show More |
|||||
| CVE-2018-10501 | 1 Samsung | 1 Notes | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalat ...
Show More |
|||||
| CVE-2018-10500 | 1 Samsung | 1 Galaxy Apps | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of push messages. The issue lies in the ability to start an activity with controlled arguments. An attacker can leverage this vulnerability to escalate privileges to resources no ...
Show More |
|||||
| CVE-2018-10499 | 1 Samsung | 1 Galaxy Apps | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of URLs. The issue lies in the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability to ...
Show More |
|||||
| CVE-2018-10498 | 1 Samsung | 1 Samsung Email | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of file:/// URIs. The issue lies in the lack of proper validation of user-supplied data, which can allow for reading arbitrary files. An attacker can leverage this in conju ...
Show More |
|||||
| CVE-2018-10497 | 1 Samsung | 1 Samsung Email | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of EML files. The issue results from the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability ...
Show More |
|||||
| CVE-2018-10496 | 1 Samsung | 1 Samsung Internet Browser | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Internet Browser Fixed in version 6.4.0.15. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TypedArray objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this ...
Show More |
|||||
| CVE-2017-18696 | 3 Google, Qualcomm, Samsung | 4 Android, Msm8996, Exynos 7420 and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January 2017).
|
|||||
| CVE-2017-18694 | 2 Google, Samsung | 8 Android, Exynos 5250, Exynos 5260 and 5 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
An issue was discovered on Samsung mobile devices with software through 2016-10-25 (Exynos5 chipsets). Attackers can read kernel addresses in the log because an incorrect format specifier is used. The Samsung ID is SVE-2016-7551 (January 2017).
|
|||||
| CVE-2017-18692 | 3 Google, Qualcomm, Samsung | 7 Android, Msm8939, Msm8996 and 4 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890, or Exynos8895 chipsets) software. There is a race condition, with a resultant buffer overflow, in the sec_ts touchscreen sysfs interface. The Samsung ID is SVE-2016-7501 (January 2017).
|
|||||
| CVE-2017-18691 | 2 Google, Samsung | 2 Android, Exynos 8890 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos8890 chipsets) software. There are multiple Buffer Overflows in TSP sysfs cmd_store. The Samsung ID is SVE-2016-7500 (January 2017).
|
|||||
| CVE-2017-18690 | 2 Google, Samsung | 9 Android, Exynos 5410, Exynos 5420 and 6 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017).
|
|||||
| CVE-2017-18689 | 2 Google, Samsung | 4 Android, Exynos 5433, Exynos 7420 and 1 more | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos5433, Exynos7420, or Exynos7870 chipsets) software. An attacker can bypass a ko (aka Kernel Module) signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 (January 2017).
|
|||||
| CVE-2017-18681 | 1 Samsung | 2 Galaxy S5, Galaxy S5 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung Galaxy S5 mobile devices with software through 2016-12-20 (Qualcomm AP chipsets). There are multiple buffer overflows in the bootloader. The Samsung ID is SVE-2016-7930 (March 2017).
|
|||||
| CVE-2017-18675 | 2 Google, Samsung | 3 Android, Exynos 7420, Exynox 8890 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) (Exynos7420 or Exynox8890 chipsets) software. The Camera application can leak uninitialized memory via ion. The Samsung ID is SVE-2016-6989 (April 2017).
|
|||||
| CVE-2017-18020 | 1 Samsung | 1 Samsung Mobile | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598.
|
|||||
| CVE-2017-17860 | 2 Google, Samsung | 3 Android, Gear S2, Gear S3 | 2024-11-21 | 5.7 MEDIUM | 5.7 MEDIUM |
|
In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone
|
|||||