Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-03 | CVE-2018-14904 | Cross-site Scripting vulnerability in Samsung Syncthru web Service 4.05.61 Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid. | 6.1 |
| 2018-06-14 | CVE-2018-11689 | Cross-site Scripting vulnerability in multiple products Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi-bin/webviewer_login_page data3 parameter. | 6.1 |
| 2018-05-29 | CVE-2018-10751 | Integer Overflow or Wraparound vulnerability in Samsung Mobile A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. | 5.3 |
| 2018-03-30 | CVE-2018-9143 | Out-of-bounds Write vulnerability in Samsung Mobile On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991. | 9.8 |
| 2018-03-30 | CVE-2018-9142 | Improper Input Validation vulnerability in Samsung Mobile On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932. | 7.0 |
| 2018-03-30 | CVE-2018-9141 | Improper Input Validation vulnerability in Samsung Mobile On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105. | 7.8 |
| 2018-03-30 | CVE-2018-9140 | Cross-site Scripting vulnerability in Samsung Mobile 6.0 On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747. | 6.1 |
| 2018-03-30 | CVE-2018-9139 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mobile On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165. | 9.8 |
| 2018-03-06 | CVE-2018-6019 | Cleartext Transmission of Sensitive Information vulnerability in Samsung Display Solutions 3.01 Samsung Display Solutions App before 3.02 for Android allows man-in-the-middle attackers to spoof B2B content by leveraging failure to use encryption during information transmission. | 5.9 |
| 2018-02-20 | CVE-2017-10963 | Injection vulnerability in Samsung products In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container (without the user's knowledge) by inspecting network traffic from a Samsung server and injecting content at a certain point in the update sequence. | 5.9 |