Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-15 | CVE-2015-8281 | Cryptographic Issues vulnerability in Samsung web Viewer 1.0.0.193 Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations. | 7.8 |
| 2016-01-15 | CVE-2015-8280 | Information Exposure vulnerability in Samsung web Viewer 1.0.0.193 Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages. | 5.0 |
| 2016-01-15 | CVE-2015-8279 | Permissions, Privileges, and Access Controls vulnerability in Samsung web Viewer 1.0.0.193 Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script. | 5.0 |
| 2015-11-16 | CVE-2015-7897 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file. | 7.5 |
| 2015-11-02 | CVE-2015-8040 | Improper Input Validation vulnerability in Samsung Smartviewer The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung SmartViewer allows remote attackers to execute arbitrary code via an index value. | 6.8 |
| 2015-11-02 | CVE-2015-8039 | Remote Code Execution vulnerability in Samsung SmartViewer Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the (1) DVRSetupSave method in the STWAxConfig control or (2) SendCustomPacket method in the STWAxConfigNVR control, which trigger an untrusted pointer dereference. network samsung | 6.8 |
| 2015-07-06 | CVE-2015-4034 | Improper Access Control vulnerability in Samsung Galaxy S5 The createFromParcel method in the com.absolute.android.persistence.MethodSpec class in Samsung Galaxy S5s allows remote attackers to execute arbitrary files via a crafted Parcelable object in a serialized MethodSpec object. | 7.9 |
| 2015-07-06 | CVE-2015-4033 | Information Exposure vulnerability in Samsung S-Beam Samsung SBeam allows remote attackers to read arbitrary images by leveraging an NFC connection to access the HTTP server on port 15000. | 3.3 |
| 2015-06-19 | CVE-2015-4641 | Path Traversal vulnerability in Swiftkey SDK Directory traversal vulnerability in the SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices allows remote web servers to write to arbitrary files, and consequently execute arbitrary code in a privileged context, by leveraging control of the skslm.swiftkey.net domain name and providing a .. | 6.4 |
| 2015-06-19 | CVE-2015-4640 | 7PK - Security Features vulnerability in Swiftkey SDK The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net server, which allows man-in-the-middle attackers to write to language-pack files by modifying an HTTP response. | 2.9 |