Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-17 | CVE-2018-14854 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. | 5.8 |
| 2018-12-17 | CVE-2018-14852 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware. | 5.8 |
| 2018-10-03 | CVE-2018-17969 | Insufficiently Protected Credentials vulnerability in Samsung Scx-6545X Firmware 2.00.03.01 Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext credentials via iso.3.6.1.4.1.236.11.5.11.81.10.1.5.0 and iso.3.6.1.4.1.236.11.5.11.81.10.1.6.0 SNMP requests. | 5.0 |
| 2018-09-24 | CVE-2018-14318 | Improper Input Validation vulnerability in Samsung Galaxy S8 Firmware G950Fxxu1Aql5 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. | 6.8 |
| 2018-09-24 | CVE-2018-11614 | Unspecified vulnerability in Samsung Members This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. | 6.5 |
| 2018-09-24 | CVE-2018-10502 | Improper Input Validation vulnerability in Samsung Galaxy Apps This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. | 4.6 |
| 2018-09-24 | CVE-2018-10501 | Path Traversal vulnerability in Samsung Notes This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. | 4.4 |
| 2018-09-24 | CVE-2018-10500 | Unspecified vulnerability in Samsung Galaxy Apps This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. local samsung | 4.4 |
| 2018-09-24 | CVE-2018-10499 | Improper Input Validation vulnerability in Samsung Galaxy Apps This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. | 4.4 |
| 2018-09-24 | CVE-2018-10497 | Improper Input Validation vulnerability in Samsung Email This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. | 4.6 |