VYPR

Mobile

by Samsung Mobile

CVEs (36)

  • CVE-2018-9139CriMar 30, 2018
    risk 0.64cvss 9.8epss 0.02

    On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.

  • CVE-2017-5538CriMar 23, 2017
    risk 0.64cvss 9.8epss 0.03

    The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka…

  • CVE-2016-9967CriDec 16, 2016
    risk 0.64cvss 9.8epss 0.02

    Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is…

  • CVE-2016-9966CriDec 16, 2016
    risk 0.64cvss 9.8epss 0.02

    Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is…

  • CVE-2016-9965CriDec 16, 2016
    risk 0.64cvss 9.8epss 0.02

    Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is…

  • CVE-2016-4038HigFeb 1, 2017
    risk 0.51cvss 7.8epss 0.00

    Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have…

  • CVE-2016-6527HigJan 18, 2017
    risk 0.51cvss 7.8epss 0.01

    The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object.

  • CVE-2016-6526HigJan 18, 2017
    risk 0.51cvss 7.8epss 0.01

    The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object.

  • CVE-2015-7891HigAug 2, 2017
    risk 0.49cvss 7.0epss 0.01

    Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598.

  • CVE-2017-7978HigApr 19, 2017
    risk 0.49cvss 7.5epss 0.01

    Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290.

  • CVE-2016-4547HigFeb 13, 2017
    risk 0.49cvss 7.5epss 0.01

    Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C.

  • CVE-2017-5351HigJan 12, 2017
    risk 0.49cvss 7.5epss 0.01

    Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650.

  • CVE-2017-5350HigJan 12, 2017
    risk 0.49cvss 7.5epss 0.01

    Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122.

  • CVE-2016-9277HigNov 11, 2016
    risk 0.49cvss 7.5epss 0.01

    Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906.

  • CVE-2016-7160HigNov 3, 2016
    risk 0.49cvss 7.5epss 0.01

    A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248.

  • CVE-2015-7896MedAug 24, 2017
    risk 0.46cvss 6.5epss 0.07

    LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.

  • CVE-2015-7898MedJun 27, 2017
    risk 0.39cvss 5.5epss 0.01

    Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).

  • CVE-2015-7895MedJun 27, 2017
    risk 0.39cvss 5.5epss 0.01

    Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).

  • CVE-2016-4546MedFeb 13, 2017
    risk 0.36cvss 5.5epss 0.00

    Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call.

  • CVE-2017-5217MedJan 9, 2017
    risk 0.36cvss 5.5epss 0.01

    Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app…

Page 1 of 2