Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-27 | CVE-2017-5925 | Information Exposure vulnerability in multiple products Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. | 7.5 |
| 2017-02-13 | CVE-2016-4547 | Improper Input Validation vulnerability in Samsung Mobile Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. | 7.5 |
| 2017-02-13 | CVE-2016-4546 | Improper Input Validation vulnerability in Samsung Mobile 4.4/5.0/5.1 Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. | 5.5 |
| 2017-02-01 | CVE-2016-4038 | Improper Input Validation vulnerability in Samsung Mobile 4.4/5.0/5.1 Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value. | 7.8 |
| 2017-01-30 | CVE-2016-6604 | NULL Pointer Dereference vulnerability in Samsung Exynos Fimg2D NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. | 9.8 |
| 2017-01-27 | CVE-2016-3996 | Information Exposure vulnerability in Samsung Knox 1.0/2.3.0 ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application. | 5.5 |
| 2017-01-27 | CVE-2016-1920 | Improper Access Control vulnerability in Samsung Knox 1.0 Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service. | 5.5 |
| 2017-01-27 | CVE-2016-1919 | Information Exposure vulnerability in Samsung Knox 1.0 Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack. | 4.7 |
| 2017-01-18 | CVE-2016-9279 | Use After Free vulnerability in Samsung Exynos Fimg2D Driver Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. | 7.5 |
| 2017-01-18 | CVE-2016-9278 | Improper Input Validation vulnerability in Samsung Exynos Fimg2D Driver The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. | 5.5 |