Vulnerabilities > Samsung

DATE CVE VULNERABILITY TITLE RISK
2016-12-16 CVE-2016-9965 7PK - Errors vulnerability in Samsung Mobile
Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges.
network
low complexity
samsung CWE-388
critical
9.8
2016-11-23 CVE-2016-9567 Information Exposure vulnerability in Samsung Mobile 6.0
The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen.
local
low complexity
samsung CWE-200
5.5
2016-11-11 CVE-2016-9277 Integer Overflow or Wraparound vulnerability in Samsung Mobile 4.4/5.0/5.1
Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906.
network
low complexity
samsung CWE-190
7.5
2016-11-03 CVE-2016-7160 NULL Pointer Dereference vulnerability in Samsung Mobile 6.0
A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248.
network
low complexity
samsung CWE-476
7.5
2016-04-07 CVE-2016-0729 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.
network
low complexity
samsung fedoraproject CWE-119
critical
9.8
2016-04-06 CVE-2016-1346 Resource Management Errors vulnerability in multiple products
The kernel in Cisco TelePresence Server 3.0 through 4.2(4.18) on Mobility Services Engine (MSE) 8710 devices allows remote attackers to cause a denial of service (panic and reboot) via a crafted sequence of IPv6 packets, aka Bug ID CSCuu46673.
network
high complexity
dell netgear samsung zyxel zzinc CWE-399
5.9
2016-03-26 CVE-2016-1350 Resource Management Errors vulnerability in multiple products
Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.
network
low complexity
cisco samsung sun zyxel lenovo zzinc CWE-399
7.5
2016-03-26 CVE-2016-1349 Resource Management Errors vulnerability in multiple products
The Smart Install client implementation in Cisco IOS 12.2, 15.0, and 15.2 and IOS XE 3.2 through 3.7 allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in a Smart Install packet, aka Bug ID CSCuv45410.
network
low complexity
cisco samsung sun intel zyxel netgear zzinc CWE-399
7.5
2016-03-26 CVE-2016-1348 Resource Management Errors vulnerability in multiple products
Cisco IOS 15.0 through 15.5 and IOS XE 3.3 through 3.16 allow remote attackers to cause a denial of service (device reload) via a crafted DHCPv6 Relay message, aka Bug ID CSCus55821.
network
low complexity
cisco samsung sun zyxel netgear zzinc CWE-399
7.5
2016-03-26 CVE-2016-1344 Resource Management Errors vulnerability in multiple products
The IKEv2 implementation in Cisco IOS 15.0 through 15.6 and IOS XE 3.3 through 3.17 allows remote attackers to cause a denial of service (device reload) via fragmented packets, aka Bug ID CSCux38417.
network
high complexity
cisco samsung sun zyxel lenovo netgear zzinc CWE-399
5.9