Samsung

Samsung Mobile

78 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2018-10751

Exploit
  • EPSS 14.36%
  • Veröffentlicht 29.05.2018 20:29:02
  • Zuletzt bearbeitet 21.11.2024 03:41:58

A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is S...

10

CVE-2018-9143

  • EPSS 1.07%
  • Veröffentlicht 30.03.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:15:03

On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991.

7.6

CVE-2018-9142

  • EPSS 0.12%
  • Veröffentlicht 30.03.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:15:03

On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932.

9.3

CVE-2018-9141

  • EPSS 0.76%
  • Veröffentlicht 30.03.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:15:03

On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105.

6.1

CVE-2018-9140

  • EPSS 0.36%
  • Veröffentlicht 30.03.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:15:03

On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747.

10

CVE-2018-9139

  • EPSS 1.28%
  • Veröffentlicht 30.03.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 04:15:03

On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.

8.4

CVE-2017-18020

  • EPSS 0.05%
  • Veröffentlicht 04.01.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:11

On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598.

9.3

CVE-2018-5210

  • EPSS 1.36%
  • Veröffentlicht 04.01.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:20

On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pa...

6.5

CVE-2015-7896

  • EPSS 7.16%
  • Veröffentlicht 24.08.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.

7

CVE-2015-7891

Exploit
  • EPSS 0.17%
  • Veröffentlicht 02.08.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as n...