Vulnerabilities > Samsung > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-14 | CVE-2019-15439 | Unspecified vulnerability in Samsung Galaxy Xcover4 Firmware The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. | 7.8 |
| 2019-11-14 | CVE-2019-15438 | Unspecified vulnerability in Samsung Galaxy Xcover4 Firmware The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltedo/xcover4lte:8.1.0/M1AJQ/G390YDXU2BSA1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. | 7.8 |
| 2019-11-14 | CVE-2019-15437 | Unspecified vulnerability in Samsung Galaxy Xcover4 Firmware The Samsung XCover4 Android device with a build fingerprint of samsung/xcover4ltexx/xcover4lte:8.1.0/M1AJQ/G390FXXU3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. | 7.8 |
| 2019-11-14 | CVE-2019-15436 | Unspecified vulnerability in Samsung Galaxy A8+ Firmware The Samsung A8+ Android device with a build fingerprint of samsung/jackpot2ltexx/jackpot2lte:8.0.0/R16NW/A730FXXS4BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. | 7.8 |
| 2019-11-14 | CVE-2019-15435 | Unspecified vulnerability in Samsung Galaxy A7 Firmware The Samsung A7 Android device with a build fingerprint of samsung/a7y17ltexx/a7y17lte:8.0.0/R16NW/A720FXXU7CSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. | 7.8 |
| 2019-11-14 | CVE-2019-15434 | Unspecified vulnerability in Samsung Galaxy A5 Firmware The Samsung A5 Android device with a build fingerprint of samsung/a5y17ltexx/a5y17lte:8.0.0/R16NW/A520FXXS8CSC5:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. | 7.8 |
| 2019-11-14 | CVE-2019-15433 | Unspecified vulnerability in Samsung Galaxy A3 Firmware The Samsung A3 Android device with a build fingerprint of samsung/a3y17ltedx/a3y17lte:8.0.0/R16NW/A320YDXU4CSB3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. | 7.8 |
| 2019-09-25 | CVE-2019-16253 | Unspecified vulnerability in Samsung Text-To-Speech The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 and 3.0.00.101 for Android allows a local attacker to escalate privileges, e.g., to system privileges. | 7.8 |
| 2019-06-07 | CVE-2018-20135 | Improper Certificate Validation vulnerability in Samsung Galaxy Apps Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. | 8.1 |
| 2019-06-03 | CVE-2019-6740 | Out-of-bounds Write vulnerability in Samsung Galaxy S9 Firmware 1.4.20.2 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). | 8.8 |