Samsung Samsung Mobile — known CVE vulnerabilities
Every CVE whose affected-product data names Samsung Samsung Mobile, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (28)
CVE-2018-9143 — CVSS 9.8 (critical): On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a…
CVE-2016-9965 — CVSS 9.8 (critical): Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and…
CVE-2016-9966 — CVSS 9.8 (critical): Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and…
CVE-2016-9967 — CVSS 9.8 (critical): Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and…
CVE-2017-5538 — CVSS 9.8 (critical): The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software…
CVE-2018-9139 — CVSS 9.8 (critical): On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a…
CVE-2017-18020 — CVSS 8.4 (high): On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the…
CVE-2018-5210 — CVSS 8.1 (high): On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary…
CVE-2018-9141 — CVSS 7.8 (high): On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP…
CVE-2016-6526 — CVSS 7.8 (high): The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of…
CVE-2016-6527 — CVSS 7.8 (high): The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of…
CVE-2016-4038 — CVSS 7.8 (high): Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor…
CVE-2016-4547 — CVSS 7.5 (high): Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted…
CVE-2016-7160 — CVSS 7.5 (high): A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading…
CVE-2016-9277 — CVSS 7.5 (high): Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart)…
CVE-2017-5350 — CVSS 7.5 (high): Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception…
CVE-2017-5351 — CVSS 7.5 (high): Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large…
CVE-2017-7978 — CVSS 7.5 (high): Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a…
CVE-2015-7891 — CVSS 7.0 (high): Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1)…
CVE-2018-9142 — CVSS 7.0 (high): On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty…
CVE-2015-7896 — CVSS 6.5 (medium): LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and…
CVE-2018-9140 — CVSS 6.1 (medium): On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a…
CVE-2015-7898 — CVSS 5.5 (medium): Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).
CVE-2016-4546 — CVSS 5.5 (medium): Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted…
CVE-2015-7895 — CVSS 5.5 (medium): Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).
CVE-2016-9567 — CVSS 5.5 (medium): The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls…
CVE-2017-5217 — CVSS 5.5 (medium): Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can…
CVE-2018-10751 — CVSS 5.3 (medium): A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of…