Filtered by vendor Samsung
Subscriptions
Filtered by product Galaxy S6
Subscriptions
Total
26 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-7897 | 1 Samsung | 1 Galaxy S6 | 2024-11-21 | N/A |
The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file. | ||||
CVE-2015-7896 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2024-11-21 | N/A |
LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. | ||||
CVE-2015-7895 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2024-11-21 | N/A |
Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | ||||
CVE-2015-7893 | 1 Samsung | 1 Galaxy S6 | 2024-11-21 | N/A |
SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript. | ||||
CVE-2015-4641 | 2 Samsung, Swiftkey | 5 Galaxy S4, Galaxy S4 Mini, Galaxy S5 and 2 more | 2024-11-21 | N/A |
Directory traversal vulnerability in the SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices allows remote web servers to write to arbitrary files, and consequently execute arbitrary code in a privileged context, by leveraging control of the skslm.swiftkey.net domain name and providing a .. (dot dot) in an entry in a ZIP archive, as demonstrated by a traversal to the /data/dalvik-cache directory. | ||||
CVE-2015-4640 | 2 Samsung, Swiftkey | 5 Galaxy S4, Galaxy S4 Mini, Galaxy S5 and 2 more | 2024-11-21 | N/A |
The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net server, which allows man-in-the-middle attackers to write to language-pack files by modifying an HTTP response. NOTE: CVE-2015-4640 exploitation can be combined with CVE-2015-4641 exploitation for man-in-the-middle code execution. |