18 matches found
CVE-2017-18685
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. The InputMethod application can cause a system crash via a malformed serializable object in an Intent. The Samsung ID is SVE-2016-7123 February 2017...
EUVD-2017-9776
Malware in sbrugna...
GHSA-Q4Q3-R45F-7GWG Apache Geode vulnerable to Deserialization of Untrusted Data
Apache Geode versions up to 1.12.5, 1.13.4 and 1.14.0 are vulnerable to a deserialization of untrusted data flaw when using JMX over RMI on Java 8. Any user still on Java 8 who wishes to protect against deserialization attacks involving JMX or RMI should upgrade to Apache Geode 1.15 and Java 11. ...
Deserialization of untrusted data
Apache Geode versions up to 1.12.5, 1.13.4 and 1.14.0 are vulnerable to a deserialization of untrusted data flaw when using JMX over RMI on Java 8. Any user still on Java 8 who wishes to protect against deserialization attacks involving JMX or RMI should upgrade to Apache Geode 1.15 and Java 11. ...
Samsung Mobile Device Input Validation Error Vulnerability (CNVD-2020-34731)
Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An input validation error vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to restart the system UI crash with the help of a misformatted...
CVE-2017-18685
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. The InputMethod application can cause a system crash via a malformed serializable object in an Intent. The Samsung ID is SVE-2016-7123 February 2017...
CVE-2017-18685
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. The InputMethod application can cause a system crash via a malformed serializable object in an Intent. The Samsung ID is SVE-2016-7123 February 2017...
CVE-2017-18678
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-811...
CVE-2017-18678
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-811...
Design/Logic Flaw
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, and M6.0 software. The InputMethod application can cause a system crash via a malformed serializable object in an Intent. The Samsung ID is SVE-2016-7123 February 2017...
Code injection
An issue was discovered on Samsung mobile devices with KK4.4, L5.0/5.1, M6.0, and N7.x software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-811...
CVE-2017-18678
CVE-2017-18678 affects Samsung mobile devices running KK(4.4) to N(7.x). The issue allows an attacker to crash system processes via a Serializable object due to missing exception handling. Reported Samsung internal identifiers are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SV...
Unsafe Deserialization
geode-core is vulnerable to unsafe deserialization. If a malicious user has DATA:WRITE access to a cluster, they may be able to trigger remote code execution RCE attacks. These attacks can occur because the server stores data in its serialized form and some cluster operations and API invocations...
CVE-2016-6526
The SpamCall Activity component in Telecom application on Samsung Note device L5.0/5.1 and M6.0 allows attackers to cause a denial of service crash and reboot or possibly gain privileges via a malformed serializable object...
CVE-2016-6527
The SmartCall Activity component in Telecom application on Samsung Note device L5.0/5.1 and M6.0 allows attackers to cause a denial of service crash and reboot or possibly gain privileges via a malformed serializable object...
CVE-2016-6527
The SmartCall Activity component in Telecom application on Samsung Note device L5.0/5.1 and M6.0 allows attackers to cause a denial of service crash and reboot or possibly gain privileges via a malformed serializable object...
CVE-2016-6526
The SpamCall Activity component in Telecom application on Samsung Note device L5.0/5.1 and M6.0 allows attackers to cause a denial of service crash and reboot or possibly gain privileges via a malformed serializable object...
CVE-2016-6527
The SmartCall Activity component in Telecom application on Samsung Note device L5.0/5.1 and M6.0 allows attackers to cause a denial of service crash and reboot or possibly gain privileges via a malformed serializable object...