CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-5217
https://notcve.org/view.php?id=CVE-2017-5217
09 Jan 2017 — Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embed... • http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2016-9965
https://notcve.org/view.php?id=CVE-2016-9965
16 Dec 2016 — Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119. Falta de manejo de excepciones apropiado en algunos receptores de la aplicación Telecom en dispositivos Samsung Note con software L(5.0/5.1), M(6.0) y N(7.0) permite a atacantes bloquear el sistema fácilmente resultan... • http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016 • CWE-388: 7PK - Errors •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2016-9966
https://notcve.org/view.php?id=CVE-2016-9966
16 Dec 2016 — Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7120. Falta de manejo de excepciones apropiado en algunos receptores de la aplicación Telecom en dispositivos Samsung Note con software L(5.0/5.1), M(6.0) y N(7.0) permite a atacantes bloquear el sistema fácilmente resultan... • http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016 • CWE-388: 7PK - Errors •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2016-9967
https://notcve.org/view.php?id=CVE-2016-9967
16 Dec 2016 — Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121. Falta de manejo de excepciones apropiado en algunos receptores de la aplicación Telecom en dispositivos Samsung Note con software L(5.0/5.1), M(6.0) y N(7.0) permite a atacantes bloquear el sistema fácilmente resultan... • http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016 • CWE-388: 7PK - Errors •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9567
https://notcve.org/view.php?id=CVE-2016-9567
23 Nov 2016 — The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The Samsung ID is SVE-2016-6343. El servicio del sistema mDNIe en dispositivos Samsung Mobile S7 con software M(6.0) no restringe adecuadamente las llamadas a la API setmDNIeScreenCurtain, permitiendo a los atacantes con... • http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7160
https://notcve.org/view.php?id=CVE-2016-7160
03 Nov 2016 — A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248. Existe una vulnerabilidad en los dispositivos Samsung Mobile M(6.0) porque el acceso externo a las actividades SystemUI no está restringido adecuadamente, llevando a una caída de SystemUI y reinicio del dispositivo, vulnerabilidad también conocida como SVE-2016-6248. • http://security.samsungmobile.com/smrupdate.html#SMR-SEP-2016 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6526 – Samsung Mobile Phone Telecom Denial of Service
https://notcve.org/view.php?id=CVE-2016-6526
04 Aug 2016 — The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. El componente SpamCall Activity en la aplicación Telecom en dispositivo Samsung Note L(5.0/5.1) y M(6.0) permite a atacantes provocar una denegación de servicio (caída y reinicio) o posiblemente obtener privilegios a través de un objeto serializable malformado. Vulnerabilities in t... • http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-6527 – Samsung Mobile Phone Telecom Denial of Service
https://notcve.org/view.php?id=CVE-2016-6527
04 Aug 2016 — The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. El componente SmartCall Activity en la aplicación Telecom en dispositivo Samsung Note L(5.0/5.1) y M(6.0) permite a atacantes provocar una denegación de servicio (caída y reinicio) o posiblemente obtener privilegios a través de un objeto serializable malformado. Vulnerabilities in... • http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 11%CPEs: 12EXPL: 2CVE-2015-7896 – Samsung Galaxy S6 - libQjpeg DoIntegralUpsample Crash
https://notcve.org/view.php?id=CVE-2015-7896
03 Nov 2015 — LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. LibQJpeg en el Samsung Galaxy S6 anterior al MR de octubre de 2015 permite que atacantes remotos provoquen una denegación de servicio (corrupción de memoria y SIGSEGV) mediante un archivo de imagen manipulado. • https://packetstorm.news/files/id/134198 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •