Filtered by vendor Samsung
Subscribe
Total
951 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-10849 | 2 Google, Samsung | 4 Android, Exynos 7885, Exynos 8895 and 1 more | 2020-03-26 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos7885, Exynos8895, and Exynos9810 chipsets) software. The Gatekeeper trustlet allows a brute-force attack on the screen lock password. The Samsung ID is SVE-2019-14575 (January 2020). | |||||
| CVE-2019-20600 | 2 Google, Samsung | 2 Android, Exynos 8890 | 2020-03-26 | 3.6 LOW | 7.1 HIGH |
| An issue was discovered on Samsung mobile devices with O(8.0) and P(9.0) (Exynos8890 chipsets) software. A use-after-free occurs in the MALI GPU driver. The Samsung ID is SVE-2019-13921-1 (May 2019). | |||||
| CVE-2020-10255 | 3 Micron, Samsung, Skhynix | 6 Ddr4 Sdram, Lpddr4, Ddr4 and 3 more | 2020-03-16 | 9.3 HIGH | 9.0 CRITICAL |
| Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access patterns to trigger bit flips on affected memory modules, aka a Many-sided RowHammer attack. This means that, even when chips advertised as RowHammer-free are used, attackers may still be able to conduct privilege-escalation attacks against the kernel, conduct privilege-escalation attacks against the Sudo binary, and achieve cross-tenant virtual-machine access by corrupting RSA keys. The issue affects chips produced by SK Hynix, Micron, and Samsung. NOTE: tracking DRAM supply-chain issues is not straightforward because a single product model from a single vendor may use DRAM chips from different manufacturers. | |||||
| CVE-2020-8860 | 2 Google, Samsung | 2 Android, Galaxy S10 | 2020-03-05 | 5.4 MEDIUM | 8.0 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The specific flaw exists within the Call Control Setup messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the baseband processor. Was ZDI-CAN-9658. | |||||
| CVE-2015-7890 | 1 Samsung | 2 Galaxy S6 Edge, Galaxy S6 Edge Firmware | 2020-02-18 | 4.9 MEDIUM | 5.5 MEDIUM |
| Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter. | |||||
| CVE-2018-16272 | 1 Samsung | 20 Galaxy Gear, Galaxy Gear Firmware, Gear 2 and 17 more | 2020-01-30 | 7.5 HIGH | 9.8 CRITICAL |
| The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | |||||
| CVE-2018-16271 | 1 Samsung | 20 Galaxy Gear, Galaxy Gear Firmware, Gear 2 and 17 more | 2020-01-30 | 3.3 LOW | 6.5 MEDIUM |
| The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. An arbitrary email can also be sent from the mailbox via the paired smartphone. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | |||||
| CVE-2018-16270 | 1 Samsung | 20 Galaxy Gear, Galaxy Gear Firmware, Gear 2 and 17 more | 2020-01-30 | 5.0 MEDIUM | 7.5 HIGH |
| Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path. | |||||
| CVE-2018-16269 | 1 Samsung | 20 Galaxy Gear, Galaxy Gear Firmware, Gear 2 and 17 more | 2020-01-30 | 5.0 MEDIUM | 7.5 HIGH |
| The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | |||||
| CVE-2012-3807 | 1 Samsung | 1 Kies | 2020-01-13 | 7.5 HIGH | 9.8 CRITICAL |
| Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution. | |||||
| CVE-2012-3806 | 1 Samsung | 1 Kies | 2020-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service. | |||||
| CVE-2012-3808 | 1 Samsung | 1 Kies | 2020-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification. | |||||
| CVE-2012-3809 | 1 Samsung | 1 Kies | 2020-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification. | |||||
| CVE-2012-3810 | 1 Samsung | 1 Kies | 2020-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| Samsung Kies before 2.5.0.12094_27_11 has registry modification. | |||||
| CVE-2013-4764 | 1 Samsung | 4 Galaxy S3, Galaxy S3 Firmware, Galaxy S4 and 1 more | 2020-01-10 | 2.1 LOW | 4.3 MEDIUM |
| Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission. | |||||
| CVE-2013-4763 | 1 Samsung | 4 Galaxy S3, Galaxy S3 Firmware, Galaxy S4 and 1 more | 2020-01-10 | 2.1 LOW | 4.6 MEDIUM |
| Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission. | |||||
| CVE-2015-7892 | 1 Samsung | 1 M2m1shot Driver | 2019-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call. | |||||
| CVE-2019-11341 | 2 Google, Samsung | 2 Android, Phone | 2019-11-05 | 2.1 LOW | 4.6 MEDIUM |
| On certain Samsung P(9.0) phones, an attacker with physical access can start a TCP Dump capture without the user's knowledge. This feature of the Service Mode application is available after entering the *#9900# check code, but is protected by an OTP password. However, this password is created locally and (due to mishandling of cryptography) can be obtained easily by reversing the password creation logic. | |||||
| CVE-2018-14318 | 1 Samsung | 2 Galaxy S8, Galaxy S8 Firmware | 2019-10-09 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the baseband processor. Was ZDI-CAN-5368. | |||||
| CVE-2018-11614 | 1 Samsung | 1 Samsung Members | 2019-10-09 | 6.5 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Intents. The issue lies in the ability to send an Intent that would not otherwise be reachable. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5361. | |||||