Filtered by vendor Samsung
Subscriptions
Total
1251 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-9278 | 1 Samsung | 1 Exynos Fimg2d Driver | 2025-04-20 | N/A |
The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE-2016-6736. | ||||
CVE-2016-6604 | 2 Google, Samsung | 2 Android, Exynos Fimg2d | 2025-04-20 | N/A |
NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382. | ||||
CVE-2017-5926 | 5 Allwinner, Amd, Intel and 2 more | 20 A64, Athlon Ii 640 X4, E-350 and 17 more | 2025-04-20 | N/A |
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. | ||||
CVE-2016-4547 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. | ||||
CVE-2016-4546 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. | ||||
CVE-2015-7891 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598. | ||||
CVE-2016-4032 | 1 Samsung | 10 Galaxy Note 3, Galaxy Note 3 Firmware, Galaxy S4 and 7 more | 2025-04-20 | N/A |
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301. | ||||
CVE-2016-4031 | 1 Samsung | 10 Galaxy Note 3, Galaxy Note 3 Firmware, Galaxy S4 and 7 more | 2025-04-20 | N/A |
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301. | ||||
CVE-2015-7898 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2025-04-20 | N/A |
Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | ||||
CVE-2016-2566 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2025-04-20 | N/A |
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081. | ||||
CVE-2016-2565 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2025-04-20 | N/A |
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081. | ||||
CVE-2016-1920 | 1 Samsung | 1 Knox | 2025-04-20 | N/A |
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service. | ||||
CVE-2017-7978 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290. | ||||
CVE-2015-1801 | 1 Samsung | 2 Galaxy S4, Galaxy S4 Firmware | 2025-04-20 | N/A |
The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to cause a denial of service (memory corruption) or gain privileges. | ||||
CVE-2016-1919 | 1 Samsung | 1 Knox | 2025-04-20 | N/A |
Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack. | ||||
CVE-2015-7889 | 2 Google, Samsung | 2 Android, Galaxy S6 Edge | 2025-04-20 | N/A |
The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent. | ||||
CVE-2016-2036 | 1 Samsung | 4 Galaxy Note 3, Galaxy Note 3 Firmware, Galaxy S6 and 1 more | 2025-04-20 | N/A |
The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036. | ||||
CVE-2016-2567 | 1 Samsung | 4 Galaxy Note 3, Galaxy Note 3 Firmware, Galaxy S6 and 1 more | 2025-04-20 | N/A |
secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL. | ||||
CVE-2024-20804 | 1 Samsung | 2 Android, Myfiles | 2025-04-17 | 4 Medium |
Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | ||||
CVE-2024-20832 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2025-04-16 | 6.4 Medium |
Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code. |