Vulnerabilities > Samsung > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-31 | CVE-2020-25054 | Out-of-bounds Read vulnerability in Samsung Exynos An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). | 9.1 |
| 2020-04-07 | CVE-2017-18681 | Classic Buffer Overflow vulnerability in Samsung Galaxy S5 Firmware 20161220 An issue was discovered on Samsung Galaxy S5 mobile devices with software through 2016-12-20 (Qualcomm AP chipsets). | 9.8 |
| 2020-03-24 | CVE-2019-20566 | Out-of-bounds Write vulnerability in Samsung Exynos Smp1300 An issue was discovered on Samsung mobile devices with any (before September 2019 for SMP1300 Exynos modem chipsets) software. | 9.8 |
| 2020-03-24 | CVE-2020-10835 | Classic Buffer Overflow vulnerability in Samsung Exynos An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. | 9.8 |
| 2020-03-10 | CVE-2020-10255 | Improper Input Validation vulnerability in multiple products Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. | 9.0 |
| 2020-02-10 | CVE-2019-20451 | Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Prismview Player 11 and Prismview System 9 The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. | 9.8 |
| 2020-01-22 | CVE-2018-16272 | Improper Privilege Management vulnerability in Samsung products The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. | 9.8 |
| 2020-01-09 | CVE-2012-3807 | Unspecified vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313 Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution. | 9.8 |
| 2019-09-12 | CVE-2019-16256 | Unspecified vulnerability in Samsung Firmware Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker. | 9.8 |
| 2019-06-03 | CVE-2019-6742 | Unspecified vulnerability in Samsung Galaxy S9 Firmware This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to 1.4.20.2. | 9.8 |