Vulnerabilities > Samsung

DATE CVE VULNERABILITY TITLE RISK
2020-02-10 CVE-2019-6744 Improper Authentication vulnerability in Samsung Knox 1.2.02.39
This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder.
low complexity
samsung CWE-287
4.3
2020-02-10 CVE-2019-20451 Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Prismview Player 11 and Prismview System 9
The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC.
network
low complexity
samsung CWE-434
critical
9.8
2020-02-04 CVE-2019-19273 Out-of-bounds Write vulnerability in multiple products
On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations.
local
low complexity
google samsung CWE-787
7.8
2020-01-22 CVE-2018-16272 Improper Privilege Management vulnerability in Samsung products
The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations.
network
low complexity
samsung CWE-269
critical
9.8
2020-01-22 CVE-2018-16271 Improper Privilege Management vulnerability in Samsung products
The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations.
low complexity
samsung CWE-269
6.5
2020-01-22 CVE-2018-16270 Improper Privilege Management vulnerability in Samsung products
Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction.
network
low complexity
samsung CWE-269
7.5
2020-01-22 CVE-2018-16269 Information Exposure vulnerability in Samsung products
The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations.
network
low complexity
samsung CWE-200
7.5
2020-01-09 CVE-2012-3810 Unspecified vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313
Samsung Kies before 2.5.0.12094_27_11 has registry modification.
network
low complexity
samsung
7.5
2020-01-09 CVE-2012-3809 Unspecified vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313
Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification.
network
low complexity
samsung
7.5
2020-01-09 CVE-2012-3808 Unspecified vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification.
network
low complexity
samsung
7.5