Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-27 | CVE-2017-5925 | Information Exposure vulnerability in multiple products Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. | 5.0 |
| 2017-02-13 | CVE-2016-4547 | Improper Input Validation vulnerability in Samsung Mobile Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. | 5.0 |
| 2017-01-27 | CVE-2016-3996 | Information Exposure vulnerability in Samsung Knox 1.0/2.3.0 ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application. | 4.3 |
| 2017-01-27 | CVE-2016-1920 | Improper Access Control vulnerability in Samsung Knox 1.0 Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service. | 4.3 |
| 2017-01-18 | CVE-2016-9279 | Use After Free vulnerability in Samsung Exynos Fimg2D Driver Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. | 5.0 |
| 2017-01-18 | CVE-2016-9278 | Improper Input Validation vulnerability in Samsung Exynos Fimg2D Driver The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. | 4.9 |
| 2017-01-12 | CVE-2017-5350 | Denial of Service vulnerability in Multiple Samsung Android Mobile Devices Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. | 5.0 |
| 2016-11-23 | CVE-2016-9567 | Information Exposure vulnerability in Samsung Mobile 6.0 The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. | 4.3 |
| 2016-01-15 | CVE-2015-8280 | Information Exposure vulnerability in Samsung web Viewer 1.0.0.193 Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by reading detailed error messages. | 5.0 |
| 2016-01-15 | CVE-2015-8279 | Permissions, Privileges, and Access Controls vulnerability in Samsung web Viewer 1.0.0.193 Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script. | 5.0 |