Filtered by vendor Samsung
Subscriptions
Total
1083 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-3911 | 1 Samsung | 1 Ipolis Device Manager | 2024-08-06 | N/A |
| Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the (1) Start, (2) ChangeControlLocalName, (3) DeleteDeviceProfile, (4) FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control. | ||||
| CVE-2014-3912 | 1 Samsung | 1 Ipolis Device Manager | 2024-08-06 | N/A |
| Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value. | ||||
| CVE-2014-0997 | 4 Google, Lg, Motorola and 1 more | 6 Android, Nexus 4, Nexus 5 and 3 more | 2024-08-06 | N/A |
| WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle exceptions, which allows remote attackers to cause a denial of service (reboot) via a crafted 802.11 probe response frame. | ||||
| CVE-2015-8780 | 1 Samsung | 1 Kies | 2024-08-06 | N/A |
| Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury. | ||||
| CVE-2015-8546 | 2 Google, Samsung | 5 Android, Galaxy Note5, Galaxy S6 and 2 more | 2024-08-06 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code execution via a fake base station. The Samsung ID is SVE-2015-5123 (December 2015). | ||||
| CVE-2015-8280 | 1 Samsung | 1 Web Viewer | 2024-08-06 | N/A |
| Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages. | ||||
| CVE-2015-8281 | 1 Samsung | 1 Web Viewer | 2024-08-06 | N/A |
| Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations. | ||||
| CVE-2015-8279 | 1 Samsung | 1 Web Viewer | 2024-08-06 | N/A |
| Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script. | ||||
| CVE-2015-8040 | 1 Samsung | 1 Smartviewer | 2024-08-06 | N/A |
| The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung SmartViewer allows remote attackers to execute arbitrary code via an index value. | ||||
| CVE-2015-8039 | 1 Samsung | 1 Smartviewer | 2024-08-06 | N/A |
| Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the (1) DVRSetupSave method in the STWAxConfig control or (2) SendCustomPacket method in the STWAxConfigNVR control, which trigger an untrusted pointer dereference. | ||||
| CVE-2015-7898 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2024-08-06 | N/A |
| Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | ||||
| CVE-2015-7891 | 1 Samsung | 1 Samsung Mobile | 2024-08-06 | N/A |
| Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598. | ||||
| CVE-2015-7893 | 1 Samsung | 1 Galaxy S6 | 2024-08-06 | N/A |
| SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript. | ||||
| CVE-2015-7889 | 2 Google, Samsung | 2 Android, Galaxy S6 Edge | 2024-08-06 | N/A |
| The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service action, which might allow remote attackers with knowledge of the local email address to obtain sensitive information via a crafted application that sends a crafted intent. | ||||
| CVE-2015-7895 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2024-08-06 | N/A |
| Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | ||||
| CVE-2015-7896 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2024-08-06 | N/A |
| LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. | ||||
| CVE-2015-7897 | 1 Samsung | 1 Galaxy S6 | 2024-08-06 | N/A |
| The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file. | ||||
| CVE-2015-7892 | 1 Samsung | 1 M2m1shot Driver | 2024-08-06 | 7.8 High |
| Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call. | ||||
| CVE-2015-7894 | 1 Samsung | 2 Galaxy S6 Edge, Galaxy S6 Edge Firmware | 2024-08-06 | N/A |
| The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V device running build number LRX22G.G925VVRU1AOE2 allows remote attackers to cause a denial of service (segmentation fault and process crash) and execute arbitrary code via a crafted JPG. | ||||
| CVE-2015-7890 | 1 Samsung | 2 Galaxy S6 Edge, Galaxy S6 Edge Firmware | 2024-08-06 | 5.5 Medium |
| Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter. | ||||