Samsung Mobile@7.0 Security Vulnerabilities and Issues — Samsung Mobile@7.0 CVE List

Lucene search

SamsungSamsung Mobile7.0

14 matches found

CVE•added 2018/05/29 8:29 p.m.•46 views

CVE-2018-10751

A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463.

5.4CVSS6.4AI score0.16539EPSS

CVE•added 2017/01/12 6:59 a.m.•44 views

CVE-2017-5350

Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122.

7.5CVSS7.6AI score0.00539EPSS

CVE•added 2016/12/16 9:59 a.m.•42 views

CVE-2016-9965

Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119.

10CVSS9.6AI score0.00493EPSS

CVE•added 2018/01/04 6:29 a.m.•41 views

CVE-2017-18020

On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598.

8.4CVSS8.5AI score0.00052EPSS

CVE•added 2017/04/19 10:59 p.m.•41 views

CVE-2017-7978

Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290.

7.5CVSS7.2AI score0.00306EPSS

CVE•added 2018/03/30 8:29 a.m.•38 views

CVE-2018-9143

On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991.

10CVSS9.6AI score0.01131EPSS

CVE•added 2018/03/30 8:29 a.m.•36 views

CVE-2018-9139

On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.

10CVSS9.6AI score0.01348EPSS

CVE•added 2017/08/24 8:29 p.m.•35 views

CVE-2015-7896

LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.

6.5CVSS6.5AI score0.07163EPSS

CVE•added 2017/03/23 4:59 p.m.•32 views

CVE-2017-5538

The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362.

10CVSS9.6AI score0.02764EPSS

CVE•added 2016/12/16 9:59 a.m.•31 views

CVE-2016-9966

10CVSS9.6AI score0.00493EPSS

CVE•added 2018/01/04 6:29 a.m.•30 views

CVE-2018-5210

On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pattern). The Samsung ID is SVE-2017-10733.

9.3CVSS8.2AI score0.01357EPSS

CVE•added 2018/03/30 8:29 a.m.•30 views

CVE-2018-9142

On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932.

7.6CVSS7AI score0.00118EPSS

CVE•added 2018/03/30 8:29 a.m.•29 views

CVE-2018-9141

On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105.

9.3CVSS7.9AI score0.0076EPSS

CVE•added 2016/12/16 9:59 a.m.•24 views

CVE-2016-9967

10CVSS9.6AI score0.00493EPSS