Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-09 | CVE-2017-5217 | Improper Input Validation vulnerability in Samsung Mobile Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. | 7.1 |
| 2016-12-16 | CVE-2016-9967 | 7PK - Errors vulnerability in Samsung Mobile Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. | 10.0 |
| 2016-12-16 | CVE-2016-9966 | 7PK - Errors vulnerability in Samsung Mobile Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. | 10.0 |
| 2016-12-16 | CVE-2016-9965 | 7PK - Errors vulnerability in Samsung Mobile Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. | 10.0 |
| 2016-11-23 | CVE-2016-9567 | Information Exposure vulnerability in Samsung Mobile 6.0 The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. | 4.3 |
| 2016-11-11 | CVE-2016-9277 | Integer Overflow or Wraparound vulnerability in Samsung Mobile 4.4/5.0/5.1 Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906. | 7.8 |
| 2016-11-03 | CVE-2016-7160 | NULL Pointer Dereference vulnerability in Samsung Mobile 6.0 A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248. | 7.8 |
| 2016-10-31 | CVE-2016-7991 | 7PK - Errors vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542. | 7.8 |
| 2016-10-31 | CVE-2016-7990 | 7PK - Errors vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages (within WAP Push SMS messages) leading to a heap corruption that can result in Denial of Service and potentially remote code execution, a subset of SVE-2016-6542. | 10.0 |
| 2016-10-31 | CVE-2016-7989 | 7PK - Security Features vulnerability in Google Android On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. | 7.8 |