CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2018-9141
https://notcve.org/view.php?id=CVE-2018-9141
30 Mar 2018 — On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105. En dispositivos móviles Samsung con software L(5.x), M(6.0) y N(7.x), Gallery permite que los atacantes remotos ejecuten código arbitrario mediante un archivo BMP con una resolución manipulada. Esto también se conoce como SVE-2017-11105. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 9EXPL: 0CVE-2017-18020
https://notcve.org/view.php?id=CVE-2017-18020
04 Jan 2018 — On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598. En dispositivos móviles Samsung con software L (5.x), M (6.x) y N (7.x) y chipsets Exynos, los atacantes pueden ejecutar código arbitrario en el cargador de arranque porque S Boot omite una verificación de tamaño durante una copia de los datos ramfs a la memoria... • https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-7978
https://notcve.org/view.php?id=CVE-2017-7978
19 Apr 2017 — Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290. Dispositivos Android de Samsung con software L(5.0/5.1), M(6.0) y N(7.x) permiten a atacantes obtener información sensible leyendo un archivo de registro legible mundialmente tras un reinicio inesperado. La ID de Samsung es SVE-2017-8290. • http://security.samsungmobile.com/smrupdate.html#SMR-APR-2017 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4546
https://notcve.org/view.php?id=CVE-2016-4546
13 Feb 2017 — Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. Los dispositivos Samsung con Android KK(4.4) o L(5.0/5.1) permiten a usuarios locales provocar una denegación de servicio (caída del servicio IAndroidShm) a través de datos manipulados en una llamada de servicio. • http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4547
https://notcve.org/view.php?id=CVE-2016-4547
13 Feb 2017 — Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. Los dispositivos Samsung con Android KK(4.4), L(5.0 / 5.1) o M(6.0) permiten a atacantes provocar una denegación de servicio (caída del sistema) a través de una llamada de sistema manipulada a TvoutService_C. • http://security.samsungmobile.com/smrupdate.html#SMR-FEB-2016 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2016-4038
https://notcve.org/view.php?id=CVE-2016-4038
01 Feb 2017 — Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value. Error de índice de array en la función msm_sensor_config en kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c en dispositivos Samsung ... • http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-5350
https://notcve.org/view.php?id=CVE-2017-5350
12 Jan 2017 — Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122. Dispositivos Samsung Note con software L(5.0/5.1), M(6.0) y N(7.0) permiten a atacantes bloquear systemUI aprovechando un manejo de excepciones incompleto. El ID de Samsung es SVE-2016-7122. • http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-5351
https://notcve.org/view.php?id=CVE-2017-5351
12 Jan 2017 — Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650. Dispositivos Samsung Note con software KK(4.4), L(5.0/5.1) y M(6.0) permiten a atacantes bloquear el sistema mediante la creación arbitraria de un gran número de hilos VR de servicio activos. El ID de Samsung es SVE-2016-7650. • http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-5217
https://notcve.org/view.php?id=CVE-2017-5217
09 Jan 2017 — Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embed... • http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2016-9965
https://notcve.org/view.php?id=CVE-2016-9965
16 Dec 2016 — Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119. Falta de manejo de excepciones apropiado en algunos receptores de la aplicación Telecom en dispositivos Samsung Note con software L(5.0/5.1), M(6.0) y N(7.0) permite a atacantes bloquear el sistema fácilmente resultan... • http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016 • CWE-388: 7PK - Errors •