Vulnerabilities > Samsung > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-06-11 | CVE-2014-3911 | Code Injection vulnerability in Samsung Ipolis Device Manager 1.8.2 Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the (1) Start, (2) ChangeControlLocalName, (3) DeleteDeviceProfile, (4) FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control. | 9.3 |
| 2014-06-05 | CVE-2014-3912 | Buffer Errors vulnerability in Samsung Ipolis Device Manager 1.8.2 Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value. | 9.3 |
| 2014-04-04 | CVE-2012-6429 | Buffer Errors vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313/2.5.0.120942711 Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument. | 10.0 |
| 2012-12-18 | CVE-2012-6422 | Permissions, Privileges, and Access Controls vulnerability in multiple products The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse. | 9.3 |
| 2012-08-24 | CVE-2012-2990 | Code Injection vulnerability in Samsung Kies 2.3.2.12074 The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted HTML document. | 9.3 |
| 2012-08-14 | CVE-2012-4333 | Buffer Errors vulnerability in Samsung Net-I Viewer 1.37.120316 Multiple stack-based buffer overflows in the BackupToAvi method in the (1) UMS_Ctrl 1.5.1.1 and (2) UMS_Ctrl_STW 2.0.1.0 ActiveX controls in Samsung NET-i viewer 1.37.120316 allow remote attackers to execute arbitrary code via a long string in the fname parameter. | 10.0 |
| 2012-08-14 | CVE-2012-4334 | Remote vulnerability in Samsung Net-I Viewer 1.37.120316 The ConnectDDNS method in the (1) STWConfigNVR 1.1.13.15 and (2) STWConfig 1.1.14.13 ActiveX controls in Samsung NET-i viewer 1.37.120316 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2012-08-13 | CVE-2012-4250 | Buffer Errors vulnerability in Samsung Net-I Viewer 1.37 Stack-based buffer overflow in the RequestScreenOptimization function in the XProcessControl.ocx ActiveX control in msls31.dll in Samsung NET-i viewer 1.37 allows remote attackers to execute arbitrary code via a long string in the first argument. | 9.3 |
| 2012-07-24 | CVE-2012-4050 | Unspecified vulnerability in Google Chrome OS Multiple unspecified vulnerabilities in Google Chrome OS before 21.0.1180.50 on the Cr-48 and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, have unknown impact and attack vectors. | 10.0 |
| 2012-06-07 | CVE-2012-3290 | Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung Series 5, 5 550, and Chromebox 3; and Cr-48 Chromebook platforms have unknown impact and attack vectors. | 10.0 |