Vulnerabilities > Samsung > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-03-12 | CVE-2016-0960 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005. | 8.8 |
| 2016-01-15 | CVE-2015-8281 | Cryptographic Issues vulnerability in Samsung web Viewer 1.0.0.193 Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption via XOR calculations. | 7.8 |
| 2015-11-16 | CVE-2015-7897 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file. | 7.5 |
| 2015-07-06 | CVE-2015-4034 | Improper Access Control vulnerability in Samsung Galaxy S5 The createFromParcel method in the com.absolute.android.persistence.MethodSpec class in Samsung Galaxy S5s allows remote attackers to execute arbitrary files via a crafted Parcelable object in a serialized MethodSpec object. | 7.9 |
| 2015-02-16 | CVE-2015-1499 | Permissions, Privileges, and Access Controls vulnerability in Samsung Security Manager 1.30 The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allows remote attackers to delete arbitrary files, and consequently cause a denial of service, via a DELETE request. | 8.5 |
| 2014-10-24 | CVE-2014-8346 | Code Injection vulnerability in Samsung Findmymobile and Mobile The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic. | 7.8 |
| 2013-08-28 | CVE-2013-3586 | Improper Authentication vulnerability in Samsung DVR and Smart Viewer Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie. | 7.6 |
| 2013-07-23 | CVE-2013-4890 | Denial of Service vulnerability in Samsung products The DMCRUIS/0.1 web server on the Samsung PS50C7700 TV allows remote attackers to cause a denial of service (daemon crash) via a long URI to TCP port 5600. | 7.8 |
| 2012-11-28 | CVE-2012-4964 | Permissions, Privileges, and Access Controls vulnerability in Samsung Printer Firmware The Samsung printer firmware before 20121031 has a hardcoded read-write SNMP community, which makes it easier for remote attackers to obtain administrative access via an SNMP request. | 7.5 |
| 2012-08-21 | CVE-2012-2980 | Credentials Management vulnerability in multiple products The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages. | 7.1 |