Kies
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-8780 | Med | 0.42 | 6.4 | 0.01 | Apr 13, 2017 | Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury. | ||
| CVE-2012-3807 | 0.06 | — | 0.32 | Jan 9, 2020 | Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution. | |||
| CVE-2012-3810 | 0.05 | — | 0.05 | Jan 9, 2020 | Samsung Kies before 2.5.0.12094_27_11 has registry modification. | |||
| CVE-2012-3809 | 0.05 | — | 0.05 | Jan 9, 2020 | Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification. | |||
| CVE-2012-3808 | 0.05 | — | 0.05 | Jan 9, 2020 | Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification. | |||
| CVE-2012-6429 | 0.04 | — | 0.15 | Apr 4, 2014 | Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument. | |||
| CVE-2022-39845 | 0.00 | — | 0.00 | Sep 9, 2022 | Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction. | |||
| CVE-2022-30744 | 0.00 | — | 0.00 | Jun 7, 2022 | DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code. | |||
| CVE-2022-27843 | 0.00 | — | 0.00 | Apr 11, 2022 | DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code. | |||
| CVE-2012-3806 | 0.00 | — | 0.04 | Jan 9, 2020 | Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service. | |||
| CVE-2012-2990 | 0.00 | — | 0.04 | Aug 24, 2012 | The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a… |
- risk 0.42cvss 6.4epss 0.01
Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
- CVE-2012-3807Jan 9, 2020risk 0.06cvss —epss 0.32
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution.
- CVE-2012-3810Jan 9, 2020risk 0.05cvss —epss 0.05
Samsung Kies before 2.5.0.12094_27_11 has registry modification.
- CVE-2012-3809Jan 9, 2020risk 0.05cvss —epss 0.05
Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification.
- CVE-2012-3808Jan 9, 2020risk 0.05cvss —epss 0.05
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification.
- CVE-2012-6429Apr 4, 2014risk 0.04cvss —epss 0.15
Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.
- CVE-2022-39845Sep 9, 2022risk 0.00cvss —epss 0.00
Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction.
- CVE-2022-30744Jun 7, 2022risk 0.00cvss —epss 0.00
DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code.
- CVE-2022-27843Apr 11, 2022risk 0.00cvss —epss 0.00
DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code.
- CVE-2012-3806Jan 9, 2020risk 0.00cvss —epss 0.04
Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service.
- CVE-2012-2990Aug 24, 2012risk 0.00cvss —epss 0.04
The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a…