Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-14 | CVE-2019-15434 | Unspecified vulnerability in Samsung Galaxy A5 Firmware The Samsung A5 Android device with a build fingerprint of samsung/a5y17ltexx/a5y17lte:8.0.0/R16NW/A520FXXS8CSC5:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. | 7.8 |
| 2019-11-14 | CVE-2019-15433 | Unspecified vulnerability in Samsung Galaxy A3 Firmware The Samsung A3 Android device with a build fingerprint of samsung/a3y17ltedx/a3y17lte:8.0.0/R16NW/A320YDXU4CSB3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. | 7.8 |
| 2019-11-06 | CVE-2019-16401 | Unspecified vulnerability in Samsung products Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow injection of AT+CIMI and AT+CGSN over Bluetooth, leaking sensitive information such as IMSI, IMEI, call status, call setup stage, internet service status, signal strength, current roaming status, battery level, and call held status. low complexity samsung | 6.5 |
| 2019-11-06 | CVE-2019-16400 | Unspecified vulnerability in Samsung products Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow attackers to send AT commands over Bluetooth, resulting in several Denial of Service (DoS) attacks. low complexity samsung | 6.5 |
| 2019-10-17 | CVE-2019-17668 | Unspecified vulnerability in Samsung Galaxy S10 Firmware and Note 10 Firmware Samsung Galaxy S10 and Note10 devices allow unlock operations via unregistered fingerprints in certain situations involving a third-party screen protector. low complexity samsung | 6.8 |
| 2019-09-25 | CVE-2019-16253 | Unspecified vulnerability in Samsung Text-To-Speech The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 and 3.0.00.101 for Android allows a local attacker to escalate privileges, e.g., to system privileges. | 7.8 |
| 2019-09-12 | CVE-2019-16256 | Unspecified vulnerability in Samsung Firmware Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker. | 9.8 |
| 2019-06-07 | CVE-2018-20135 | Improper Certificate Validation vulnerability in Samsung Galaxy Apps Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. | 8.1 |
| 2019-06-06 | CVE-2019-12762 | Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anomalies via a radio signal between 198 kHz and 203 kHz, as demonstrated by a transmitter and antenna hidden just beneath the surface of a coffee-shop table, aka Ghost Touch. | 4.2 |
| 2019-06-03 | CVE-2019-6742 | Unspecified vulnerability in Samsung Galaxy S9 Firmware This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to 1.4.20.2. | 9.8 |