Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-17 | CVE-2018-14855 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. | 6.3 |
| 2018-12-17 | CVE-2018-14854 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. | 6.3 |
| 2018-12-17 | CVE-2018-14853 | NULL Pointer Dereference vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. | 4.3 |
| 2018-12-17 | CVE-2018-14852 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware. | 6.3 |
| 2018-11-20 | CVE-2018-12038 | Insufficiently Protected Credentials vulnerability in Samsung 840 EVO Firmware An issue was discovered on Samsung 840 EVO devices. | 4.2 |
| 2018-11-20 | CVE-2018-12037 | An issue was discovered on Samsung 840 EVO and 850 EVO devices (only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode), Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX300 devices. | 4.0 |
| 2018-10-03 | CVE-2018-17969 | Insufficiently Protected Credentials vulnerability in Samsung Scx-6545X Firmware 2.00.03.01 Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext credentials via iso.3.6.1.4.1.236.11.5.11.81.10.1.5.0 and iso.3.6.1.4.1.236.11.5.11.81.10.1.6.0 SNMP requests. | 9.8 |
| 2018-09-24 | CVE-2018-14318 | Improper Input Validation vulnerability in Samsung Galaxy S8 Firmware G950Fxxu1Aql5 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. | 8.8 |
| 2018-09-24 | CVE-2018-11614 | Unspecified vulnerability in Samsung Members This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. | 8.8 |
| 2018-09-24 | CVE-2018-10502 | Improper Input Validation vulnerability in Samsung Galaxy Apps This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. | 7.8 |