Vendor CVEs
Samsung Mobile
All CVEs
2,204 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-7898 | Med | 0.39 | 5.5 | 0.01 | Jun 27, 2017 | Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | ||
| CVE-2015-7895 | Med | 0.39 | 5.5 | 0.01 | Jun 27, 2017 | Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | ||
| CVE-2016-1344 | Med | 0.39 | 5.9 | 0.03 | Mar 26, 2016 | The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417. | ||
| CVE-2026-21038 | Med | 0.38 | — | 0.00 | Jun 5, 2026 | Improper input validation in Samsung Android USB Driver for Windows prior to version 1.9.5.0 allows local attacker to access out-of-bounds memory. | ||
| CVE-2026-40446 | Med | 0.38 | 6.9 | 0.00 | Apr 13, 2026 | Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. | ||
| CVE-2018-10751 | Med | 0.38 | 5.3 | 0.09 | May 29, 2018 | A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463. | ||
| CVE-2018-6019 | Med | 0.38 | 5.9 | 0.00 | Mar 6, 2018 | Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof B2B content by leveraging failure to use encryption during information transmission. | ||
| CVE-2017-10963 | Med | 0.38 | 5.9 | 0.01 | Feb 20, 2018 | In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container (without the user's knowledge) by inspecting network traffic from a Samsung… | ||
| CVE-2017-8851 | Med | 0.38 | 5.9 | 0.00 | May 11, 2017 | An issue was discovered on OnePlus One and X devices. Due to a lenient updater-script on the OnePlus One and X OTA images, the fact that both products use the same OTA verification keys, and the fact that both products share the same 'ro.build.product' system property, attackers… | ||
| CVE-2016-1346 | Med | 0.38 | 5.9 | 0.02 | Apr 6, 2016 | The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673. | ||
| CVE-2026-25206 | Med | 0.37 | 6.7 | 0.00 | Apr 13, 2026 | Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. | ||
| CVE-2017-17860 | Med | 0.37 | 5.7 | 0.00 | Jan 18, 2018 | In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone | ||
| CVE-2026-21028 | Med | 0.36 | 5.5 | 0.00 | Jun 5, 2026 | Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information. | ||
| CVE-2026-21026 | Med | 0.36 | 5.5 | 0.00 | Jun 5, 2026 | Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information. | ||
| CVE-2026-21025 | Med | 0.36 | 5.5 | 0.00 | Jun 5, 2026 | Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information. | ||
| CVE-2026-21017 | Med | 0.36 | 5.5 | 0.00 | Jun 5, 2026 | Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files. | ||
| CVE-2026-21022 | Med | 0.36 | 5.5 | 0.00 | May 13, 2026 | Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information. | ||
| CVE-2026-21016 | Med | 0.36 | 5.5 | 0.00 | May 13, 2026 | Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information. | ||
| CVE-2026-21015 | Med | 0.36 | 5.5 | 0.00 | May 13, 2026 | Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local attacker to access unique identifier. | ||
| CVE-2026-3291 | Med | 0.36 | 5.5 | 0.00 | May 6, 2026 | Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities. | ||
| CVE-2026-21023 | Med | 0.36 | 5.5 | 0.00 | Apr 29, 2026 | Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application. | ||
| CVE-2026-6839 | Med | 0.36 | 6.6 | 0.00 | Apr 22, 2026 | Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0. | ||
| CVE-2026-41667 | Med | 0.36 | 6.6 | 0.00 | Apr 22, 2026 | Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0. | ||
| CVE-2026-41666 | Med | 0.36 | 6.6 | 0.00 | Apr 22, 2026 | Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0. | ||
| CVE-2026-41664 | Med | 0.36 | 6.6 | 0.00 | Apr 22, 2026 | Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0. | ||
| CVE-2026-40450 | Med | 0.36 | 6.6 | 0.00 | Apr 22, 2026 | Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0. | ||
| CVE-2026-40449 | Med | 0.36 | 6.6 | 0.00 | Apr 22, 2026 | Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0. | ||
| CVE-2026-21013 | Med | 0.36 | 5.5 | 0.00 | Apr 13, 2026 | Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers to access sensitive information. | ||
| CVE-2026-21002 | Med | 0.36 | 5.5 | 0.00 | Mar 16, 2026 | Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application. | ||
| CVE-2026-21001 | Med | 0.36 | 5.5 | 0.00 | Mar 16, 2026 | Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. | ||
| CVE-2026-21000 | Med | 0.36 | 5.5 | 0.00 | Mar 16, 2026 | Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. | ||
| CVE-2026-20993 | Med | 0.36 | 5.5 | 0.00 | Mar 16, 2026 | Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information. | ||
| CVE-2025-21012 | Med | 0.36 | 5.5 | 0.00 | Aug 6, 2025 | Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration. | ||
| CVE-2025-21011 | Med | 0.36 | 5.5 | 0.00 | Aug 6, 2025 | Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors. | ||
| CVE-2025-20975 | Med | 0.36 | 5.5 | 0.00 | May 7, 2025 | Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege. | ||
| CVE-2025-20906 | Med | 0.36 | 5.5 | 0.00 | Feb 4, 2025 | Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB. | ||
| CVE-2024-49412 | Med | 0.36 | 5.5 | 0.00 | Dec 3, 2024 | Improper input validation in Settings prior to SMR Dec-2024 Release 1 allows local attackers to broadcast signal for discovering Bluetooth on Galaxy Watch. | ||
| CVE-2024-32673 | Med | 0.36 | 5.5 | 0.00 | Jul 3, 2024 | Improper Validation of Array Index vulnerability in Samsung Open Source Walrus Webassembly runtime engine allows a segmentation fault issue. This issue affects Walrus: before 72c7230f32a0b791355bbdfc78669701024b0956. | ||
| CVE-2018-10498 | Med | 0.36 | 5.5 | 0.00 | Sep 24, 2018 | This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this… | ||
| CVE-2018-3926 | Med | 0.36 | 5.5 | 0.00 | Aug 28, 2018 | An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory,… | ||
| CVE-2016-2036 | Med | 0.36 | 5.5 | 0.00 | Apr 13, 2017 | The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request,… | ||
| CVE-2016-4546 | Med | 0.36 | 5.5 | 0.00 | Feb 13, 2017 | Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. | ||
| CVE-2016-3996 | Med | 0.36 | 5.5 | 0.01 | Jan 27, 2017 | ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application. | ||
| CVE-2016-1920 | Med | 0.36 | 5.5 | 0.00 | Jan 27, 2017 | Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service. | ||
| CVE-2016-9278 | Med | 0.36 | 5.5 | 0.00 | Jan 18, 2017 | The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE-2016-6736. | ||
| CVE-2017-5217 | Med | 0.36 | 5.5 | 0.01 | Jan 9, 2017 | Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app… | ||
| CVE-2016-6910 | Med | 0.36 | 5.5 | 0.00 | Dec 23, 2016 | The non-existent notification listener vulnerability was introduced in the initial Android 5.0.2 builds for the Samsung Galaxy S6 Edge devices, but the vulnerability can persist on the device even after the device has been upgraded to an Android 5.1.1 or 6.0.1 build. The… | ||
| CVE-2016-9567 | Med | 0.36 | 5.5 | 0.01 | Nov 23, 2016 | The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a… | ||
| CVE-2014-9798 | Med | 0.36 | 5.5 | 0.00 | Jul 11, 2016 | platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attackers to cause a denial of service (OS outage) via a crafted application, aka… | ||
| CVE-2026-25209 | Med | 0.35 | 6.5 | 0.00 | Apr 13, 2026 | Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. |
- risk 0.39cvss 5.5epss 0.01
Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).
- risk 0.39cvss 5.5epss 0.01
Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).
- risk 0.39cvss 5.9epss 0.03
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.
- risk 0.38cvss —epss 0.00
Improper input validation in Samsung Android USB Driver for Windows prior to version 1.9.5.0 allows local attacker to access out-of-bounds memory.
- risk 0.38cvss 6.9epss 0.00
Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
- risk 0.38cvss 5.3epss 0.09
A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463.
- risk 0.38cvss 5.9epss 0.00
Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof B2B content by leveraging failure to use encryption during information transmission.
- risk 0.38cvss 5.9epss 0.01
In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container (without the user's knowledge) by inspecting network traffic from a Samsung…
- risk 0.38cvss 5.9epss 0.00
An issue was discovered on OnePlus One and X devices. Due to a lenient updater-script on the OnePlus One and X OTA images, the fact that both products use the same OTA verification keys, and the fact that both products share the same 'ro.build.product' system property, attackers…
- risk 0.38cvss 5.9epss 0.02
The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673.
- risk 0.37cvss 6.7epss 0.00
Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
- risk 0.37cvss 5.7epss 0.00
In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's intention only if attacker can reveal the Bluetooth address of target device and paired user's smartphone
- risk 0.36cvss 5.5epss 0.00
Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.
- risk 0.36cvss 5.5epss 0.00
Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information.
- risk 0.36cvss 5.5epss 0.00
Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.
- risk 0.36cvss 5.5epss 0.00
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files.
- risk 0.36cvss 5.5epss 0.00
Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information.
- risk 0.36cvss 5.5epss 0.00
Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information.
- risk 0.36cvss 5.5epss 0.00
Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local attacker to access unique identifier.
- risk 0.36cvss 5.5epss 0.00
Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities.
- risk 0.36cvss 5.5epss 0.00
Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application.
- risk 0.36cvss 6.6epss 0.00
Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0.
- risk 0.36cvss 6.6epss 0.00
Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0.
- risk 0.36cvss 6.6epss 0.00
Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0.
- risk 0.36cvss 6.6epss 0.00
Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0.
- risk 0.36cvss 6.6epss 0.00
Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0.
- risk 0.36cvss 6.6epss 0.00
Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0.
- risk 0.36cvss 5.5epss 0.00
Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers to access sensitive information.
- risk 0.36cvss 5.5epss 0.00
Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application.
- risk 0.36cvss 5.5epss 0.00
Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege.
- risk 0.36cvss 5.5epss 0.00
Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege.
- risk 0.36cvss 5.5epss 0.00
Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information.
- risk 0.36cvss 5.5epss 0.00
Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration.
- risk 0.36cvss 5.5epss 0.00
Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors.
- risk 0.36cvss 5.5epss 0.00
Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege.
- risk 0.36cvss 5.5epss 0.00
Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB.
- risk 0.36cvss 5.5epss 0.00
Improper input validation in Settings prior to SMR Dec-2024 Release 1 allows local attackers to broadcast signal for discovering Bluetooth on Galaxy Watch.
- risk 0.36cvss 5.5epss 0.00
Improper Validation of Array Index vulnerability in Samsung Open Source Walrus Webassembly runtime engine allows a segmentation fault issue. This issue affects Walrus: before 72c7230f32a0b791355bbdfc78669701024b0956.
- risk 0.36cvss 5.5epss 0.00
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this…
- risk 0.36cvss 5.5epss 0.00
An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory,…
- risk 0.36cvss 5.5epss 0.00
The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request,…
- risk 0.36cvss 5.5epss 0.00
Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call.
- risk 0.36cvss 5.5epss 0.01
ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application.
- risk 0.36cvss 5.5epss 0.00
Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service.
- risk 0.36cvss 5.5epss 0.00
The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE-2016-6736.
- risk 0.36cvss 5.5epss 0.01
Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app…
- risk 0.36cvss 5.5epss 0.00
The non-existent notification listener vulnerability was introduced in the initial Android 5.0.2 builds for the Samsung Galaxy S6 Edge devices, but the vulnerability can persist on the device even after the device has been upgraded to an Android 5.1.1 or 6.0.1 build. The…
- risk 0.36cvss 5.5epss 0.01
The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a…
- risk 0.36cvss 5.5epss 0.00
platform/msm_shared/dev_tree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attackers to cause a denial of service (OS outage) via a crafted application, aka…
- risk 0.35cvss 6.5epss 0.00
Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
Page 5 of 45