Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-17 | CVE-2018-14856 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses. | 6.3 |
| 2018-12-17 | CVE-2018-14855 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. | 6.3 |
| 2018-12-17 | CVE-2018-14854 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. | 6.3 |
| 2018-12-17 | CVE-2018-14853 | NULL Pointer Dereference vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. | 4.3 |
| 2018-12-17 | CVE-2018-14852 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7 Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware. | 6.3 |
| 2018-11-20 | CVE-2018-12038 | Insufficiently Protected Credentials vulnerability in Samsung 840 EVO Firmware An issue was discovered on Samsung 840 EVO devices. | 4.2 |
| 2018-11-20 | CVE-2018-12037 | An issue was discovered on Samsung 840 EVO and 850 EVO devices (only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode), Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX300 devices. | 4.0 |
| 2018-09-24 | CVE-2018-10498 | Information Exposure vulnerability in Samsung Email This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. | 5.5 |
| 2018-09-21 | CVE-2018-3913 | Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 6.7 |
| 2018-08-28 | CVE-2018-3926 | Integer Underflow (Wrap or Wraparound) vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 5.5 |