CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-5351
https://notcve.org/view.php?id=CVE-2017-5351
12 Jan 2017 — Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650. Dispositivos Samsung Note con software KK(4.4), L(5.0/5.1) y M(6.0) permiten a atacantes bloquear el sistema mediante la creación arbitraria de un gran número de hilos VR de servicio activos. El ID de Samsung es SVE-2016-7650. • http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-5217
https://notcve.org/view.php?id=CVE-2017-5217
09 Jan 2017 — Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embed... • http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2016-9965
https://notcve.org/view.php?id=CVE-2016-9965
16 Dec 2016 — Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119. Falta de manejo de excepciones apropiado en algunos receptores de la aplicación Telecom en dispositivos Samsung Note con software L(5.0/5.1), M(6.0) y N(7.0) permite a atacantes bloquear el sistema fácilmente resultan... • http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016 • CWE-388: 7PK - Errors •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2016-9966
https://notcve.org/view.php?id=CVE-2016-9966
16 Dec 2016 — Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7120. Falta de manejo de excepciones apropiado en algunos receptores de la aplicación Telecom en dispositivos Samsung Note con software L(5.0/5.1), M(6.0) y N(7.0) permite a atacantes bloquear el sistema fácilmente resultan... • http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016 • CWE-388: 7PK - Errors •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2016-9967
https://notcve.org/view.php?id=CVE-2016-9967
16 Dec 2016 — Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121. Falta de manejo de excepciones apropiado en algunos receptores de la aplicación Telecom en dispositivos Samsung Note con software L(5.0/5.1), M(6.0) y N(7.0) permite a atacantes bloquear el sistema fácilmente resultan... • http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016 • CWE-388: 7PK - Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9567
https://notcve.org/view.php?id=CVE-2016-9567
23 Nov 2016 — The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The Samsung ID is SVE-2016-6343. El servicio del sistema mDNIe en dispositivos Samsung Mobile S7 con software M(6.0) no restringe adecuadamente las llamadas a la API setmDNIeScreenCurtain, permitiendo a los atacantes con... • http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-9277
https://notcve.org/view.php?id=CVE-2016-9277
11 Nov 2016 — Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906. Desbordamiento de entero en SystemUI en KK(4.4) y L(5.0/5.1) en dispositivos Samsung Note permite a atacantes provocar una denegación de servicio (reinicio de UI) a través de vectores relacionados con las APIs y una actividad que estima un indice array fuera de rango,... • http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7160
https://notcve.org/view.php?id=CVE-2016-7160
03 Nov 2016 — A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248. Existe una vulnerabilidad en los dispositivos Samsung Mobile M(6.0) porque el acceso externo a las actividades SystemUI no está restringido adecuadamente, llevando a una caída de SystemUI y reinicio del dispositivo, vulnerabilidad también conocida como SVE-2016-6248. • http://security.samsungmobile.com/smrupdate.html#SMR-SEP-2016 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6526 – Samsung Mobile Phone Telecom Denial of Service
https://notcve.org/view.php?id=CVE-2016-6526
04 Aug 2016 — The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. El componente SpamCall Activity en la aplicación Telecom en dispositivo Samsung Note L(5.0/5.1) y M(6.0) permite a atacantes provocar una denegación de servicio (caída y reinicio) o posiblemente obtener privilegios a través de un objeto serializable malformado. Vulnerabilities in t... • http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6527 – Samsung Mobile Phone Telecom Denial of Service
https://notcve.org/view.php?id=CVE-2016-6527
04 Aug 2016 — The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. El componente SmartCall Activity en la aplicación Telecom en dispositivo Samsung Note L(5.0/5.1) y M(6.0) permite a atacantes provocar una denegación de servicio (caída y reinicio) o posiblemente obtener privilegios a través de un objeto serializable malformado. Vulnerabilities in... • http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 • CWE-264: Permissions, Privileges, and Access Controls •