mobile devices
CVEs (35)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-25337 | 0.12 | — | 0.01 | KEV | Mar 4, 2021 | Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files. | ||
| CVE-2023-42533 | 0.00 | — | 0.00 | Nov 7, 2023 | Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in Kernel. | |||
| CVE-2015-9547 | 0.00 | — | 0.00 | Apr 10, 2020 | An issue was discovered on Samsung mobile devices with JBP(4.3) and KK(4.4.2) software. Because the READ_LOGS permission is mishandled, sensitive information is disclosed in a world-readable copy of the log file if the error message is "Unhandled exception in Dalvik VM,"… | |||
| CVE-2015-5524 | 0.00 | — | 0.00 | Apr 10, 2020 | An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13. There is a buffer overflow in datablock_write because the amount of received data is not validated. The Samsung ID is SVE-2015-4018 (December 2015). | |||
| CVE-2018-21054 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a… | |||
| CVE-2018-21061 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.1) and O(8.x) software. A fake charger can execute critical functions in the locked state. The Samsung ID is SVE-2016-6341 (August 2018). | |||
| CVE-2018-21064 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is an array overflow in a driver's input booster. The Samsung ID is SVE-2017-11816 (August 2018). | |||
| CVE-2018-21069 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) (MediaTek chipsets) software. There is information disclosure (of kernel stack memory) in a MediaTek driver. The Samsung ID is SVE-2018-11852 (July 2018). | |||
| CVE-2018-21071 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with M(6.0) software. Because of an unprotected intent, an attacker can read arbitrary files and emails, and take over an email account. The Samsung ID is SVE-2018-11633 (May 2018). | |||
| CVE-2018-21074 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with M(6.x) (Exynos or Qualcomm chipsets) software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 (April 2018). | |||
| CVE-2018-21077 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is a Clipboard content disclosure in the locked state because the keyboard may be used during an emergency call. The Samsung ID is SVE-2017-11107 (April 2018). | |||
| CVE-2018-21085 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant use-after-free in vnswap_deinit_backing_storage. The Samsung ID is SVE-2017-11176 (February 2018). | |||
| CVE-2018-21088 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can cause a reboot because InputMethodManagerService has an unprotected system service. The Samsung ID is SVE-2017-9995 (January 2018). | |||
| CVE-2018-21089 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) (MT6755/MT6757 Mediatek models) software. Bootloader has an integer overflow that leads to arbitrary code execution via the download offset control. The Samsung ID is SVE-2017-10732 (January 2018). | |||
| CVE-2017-18644 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with L(5.1), M(6.x), and N(7.x) software. There is a muic_set_reg_sel heap-based buffer overflow during the reading of MUIC register values. The Samsung ID is SVE-2017-10011 (December 2017). | |||
| CVE-2017-18648 | 0.00 | — | 0.00 | Apr 7, 2020 | An issue was discovered on Samsung mobile devices with KK(4.4.x), L(5.x), M(6.x), and N(7.x) software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. The Samsung ID is SVE-2017-10086 (November 2017). | |||
| CVE-2017-18650 | 0.00 | — | 0.00 | Apr 7, 2020 | An issue was discovered on Samsung mobile devices with N(7.x) software. There is a WifiStateMachine IllegalArgumentException and reboot if a malformed wpa_supplicant.conf is read. The Samsung ID is SVE-2017-9828 (October 2017). | |||
| CVE-2017-18651 | 0.00 | — | 0.00 | Apr 7, 2020 | An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is an Integer Overflow in process_M_SetTokenTUIPasswd during handling of a trusted application, leading to memory corruption. The Samsung IDs are SVE-2017-9008 and SVE-2017-9009 (October… | |||
| CVE-2017-18654 | 0.00 | — | 0.00 | Apr 7, 2020 | An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0, 7.1) software. An unauthenticated attacker can register a new security certificate. The Samsung ID is SVE-2017-9659 (September 2017). | |||
| CVE-2017-18655 | 0.00 | — | 0.00 | Apr 7, 2020 | An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a stack-based buffer overflow with resultant memory corruption in a trustlet. The Samsung IDs are SVE-2017-8889, SVE-2017-8891, and SVE-2017-8892 (August 2017). |
- risk 0.12cvss —epss 0.01
Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files.
- CVE-2023-42533Nov 7, 2023risk 0.00cvss —epss 0.00
Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in Kernel.
- CVE-2015-9547Apr 10, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with JBP(4.3) and KK(4.4.2) software. Because the READ_LOGS permission is mishandled, sensitive information is disclosed in a world-readable copy of the log file if the error message is "Unhandled exception in Dalvik VM,"…
- CVE-2015-5524Apr 10, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13. There is a buffer overflow in datablock_write because the amount of received data is not validated. The Samsung ID is SVE-2015-4018 (December 2015).
- CVE-2018-21054Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a…
- CVE-2018-21061Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with N(7.1) and O(8.x) software. A fake charger can execute critical functions in the locked state. The Samsung ID is SVE-2016-6341 (August 2018).
- CVE-2018-21064Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is an array overflow in a driver's input booster. The Samsung ID is SVE-2017-11816 (August 2018).
- CVE-2018-21069Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with N(7.x) (MediaTek chipsets) software. There is information disclosure (of kernel stack memory) in a MediaTek driver. The Samsung ID is SVE-2018-11852 (July 2018).
- CVE-2018-21071Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with M(6.0) software. Because of an unprotected intent, an attacker can read arbitrary files and emails, and take over an email account. The Samsung ID is SVE-2018-11633 (May 2018).
- CVE-2018-21074Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with M(6.x) (Exynos or Qualcomm chipsets) software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 (April 2018).
- CVE-2018-21077Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is a Clipboard content disclosure in the locked state because the keyboard may be used during an emergency call. The Samsung ID is SVE-2017-11107 (April 2018).
- CVE-2018-21085Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant use-after-free in vnswap_deinit_backing_storage. The Samsung ID is SVE-2017-11176 (February 2018).
- CVE-2018-21088Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can cause a reboot because InputMethodManagerService has an unprotected system service. The Samsung ID is SVE-2017-9995 (January 2018).
- CVE-2018-21089Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with N(7.x) (MT6755/MT6757 Mediatek models) software. Bootloader has an integer overflow that leads to arbitrary code execution via the download offset control. The Samsung ID is SVE-2017-10732 (January 2018).
- CVE-2017-18644Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with L(5.1), M(6.x), and N(7.x) software. There is a muic_set_reg_sel heap-based buffer overflow during the reading of MUIC register values. The Samsung ID is SVE-2017-10011 (December 2017).
- CVE-2017-18648Apr 7, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with KK(4.4.x), L(5.x), M(6.x), and N(7.x) software. Arbitrary file read/write operations can occur in the locked state via a crafted MTP command. The Samsung ID is SVE-2017-10086 (November 2017).
- CVE-2017-18650Apr 7, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with N(7.x) software. There is a WifiStateMachine IllegalArgumentException and reboot if a malformed wpa_supplicant.conf is read. The Samsung ID is SVE-2017-9828 (October 2017).
- CVE-2017-18651Apr 7, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is an Integer Overflow in process_M_SetTokenTUIPasswd during handling of a trusted application, leading to memory corruption. The Samsung IDs are SVE-2017-9008 and SVE-2017-9009 (October…
- CVE-2017-18654Apr 7, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0, 7.1) software. An unauthenticated attacker can register a new security certificate. The Samsung ID is SVE-2017-9659 (September 2017).
- CVE-2017-18655Apr 7, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a stack-based buffer overflow with resultant memory corruption in a trustlet. The Samsung IDs are SVE-2017-8889, SVE-2017-8891, and SVE-2017-8892 (August 2017).
Page 1 of 2