VYPR
Vendor

Samsung Mobile

Products
639
CVEs
2,204
Across products
1,851
Status
Private

Products

639
View all 639 products →

Recent CVEs

2,204
View all 2,204 CVEs →
  • CVE-2024-7399HigKEVAug 12, 2024
    risk 0.78cvss 8.8epss 0.92

    Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.

  • CVE-2016-1010HigKEVMar 12, 2016
    risk 0.71cvss 8.8epss 0.20

    Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to…

  • CVE-2018-11444CriMay 25, 2018
    risk 0.67cvss 9.8epss 0.03

    A SQL Injection issue was observed in the parameter "q" in jobcard-ongoing.php in EasyService Billing 1.0.

  • CVE-2025-54328CriApr 6, 2026
    risk 0.65cvss 10.0epss 0.01

    An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while…

  • CVE-2018-3907CriAug 24, 2018
    risk 0.65cvss 10.0epss 0.01

    An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the…

  • CVE-2018-3856CriAug 23, 2018
    risk 0.65cvss 9.9epss 0.03

    An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can…

  • CVE-2018-3867CriAug 23, 2018
    risk 0.65cvss 9.9epss 0.02

    An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received…

  • CVE-2015-5473CriJun 1, 2017
    risk 0.65cvss 9.8epss 0.13

    Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers to delete arbitrary files via unspecified parameters to (1) upload/updateDriver or (2) upload/addDriver or to execute arbitrary code with SYSTEM privileges via unspecified…

  • CVE-2025-52908CriApr 7, 2026
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 1…

  • CVE-2025-62818CriApr 7, 2026
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. An out-of-bounds write occurs due to a mismatch…

  • CVE-2025-52909CriApr 7, 2026
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 2…

  • CVE-2024-40754CriSep 10, 2024
    risk 0.64cvss 9.8epss 0.00

    Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0.

  • CVE-2018-17969CriOct 3, 2018
    risk 0.64cvss 9.8epss 0.01

    Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext credentials via iso.3.6.1.4.1.236.11.5.11.81.10.1.5.0 and iso.3.6.1.4.1.236.11.5.11.81.10.1.6.0 SNMP requests.

  • CVE-2018-3877CriSep 21, 2018
    risk 0.64cvss 9.9epss 0.02

    An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An attacker can send an…

  • CVE-2018-3874CriSep 21, 2018
    risk 0.64cvss 9.9epss 0.02

    An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an…

  • CVE-2018-3873CriSep 21, 2018
    risk 0.64cvss 9.9epss 0.02

    An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an…

  • CVE-2018-3875CriSep 10, 2018
    risk 0.64cvss 9.9epss 0.02

    An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer…

  • CVE-2018-3904CriAug 27, 2018
    risk 0.64cvss 9.9epss 0.02

    An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a…

  • CVE-2018-3880CriAug 23, 2018
    risk 0.64cvss 9.9epss 0.01

    An exploitable stack-based buffer overflow vulnerability exists in the database 'find-by-cameraId' functionality of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles existing records inside its…

  • CVE-2018-3872CriAug 23, 2018
    risk 0.64cvss 9.9epss 0.02

    An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts the videoHostUrl field from a user-controlled JSON payload,…