Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-07 | CVE-2018-20135 | Improper Certificate Validation vulnerability in Samsung Galaxy Apps Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. | 8.1 |
| 2019-06-06 | CVE-2019-12762 | Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch. | 4.2 |
| 2019-06-03 | CVE-2019-6742 | Unspecified vulnerability in Samsung Galaxy S9 Firmware This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to 1.4.20.2. | 9.8 |
| 2019-06-03 | CVE-2019-6741 | Open Redirect vulnerability in Samsung Galaxy S9 Firmware 1.4.20.2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). | 9.3 |
| 2019-06-03 | CVE-2019-6740 | Out-of-bounds Write vulnerability in Samsung Galaxy S9 Firmware 1.4.20.2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). | 8.8 |
| 2019-05-24 | CVE-2019-12315 | Cross-site Scripting vulnerability in Samsung Scx-824 Firmware Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS) vulnerability that can be triggered by using the "print from file" feature, as demonstrated by the sws/swsAlert.sws?popupid=successMsg msg parameter. | 6.1 |
| 2019-05-14 | CVE-2019-12087 | Resource Management Errors vulnerability in Samsung S10 Firmware, S9+ Firmware and Xcover 4 Firmware Samsung S9+, S10, and XCover 4 P(9.0) devices can become temporarily inoperable because of an unprotected intent in the ContainerAgent application. | 5.5 |
| 2019-03-21 | CVE-2019-7421 | Cross-site Scripting vulnerability in Samsung Syncthru web Service and X7400Gx Firmware XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL. | 6.1 |
| 2019-03-21 | CVE-2019-7420 | Cross-site Scripting vulnerability in Samsung Syncthru web Service and X7400Gx Firmware XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter. | 6.1 |
| 2019-03-21 | CVE-2019-7419 | Cross-site Scripting vulnerability in Samsung Syncthru web Service and X7400Gx Firmware XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title. | 6.1 |