Vulnerabilities > Samsung > Samsung Mobile > 5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-30 | CVE-2018-9141 | Improper Input Validation vulnerability in Samsung Mobile On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105. | 7.8 |
| 2018-01-04 | CVE-2017-18020 | Improper Input Validation vulnerability in Samsung Mobile On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. | 8.4 |
| 2017-08-24 | CVE-2015-7896 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mobile LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. | 6.5 |
| 2017-08-02 | CVE-2015-7891 | Race Condition vulnerability in Samsung Mobile 5.0/5.1 Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598. | 7.0 |
| 2017-04-19 | CVE-2017-7978 | Information Exposure vulnerability in Samsung Mobile Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. | 7.5 |
| 2017-02-13 | CVE-2016-4547 | Improper Input Validation vulnerability in Samsung Mobile Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. | 7.5 |
| 2017-02-13 | CVE-2016-4546 | Improper Input Validation vulnerability in Samsung Mobile 4.4/5.0/5.1 Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. | 5.5 |
| 2017-02-01 | CVE-2016-4038 | Improper Input Validation vulnerability in Samsung Mobile 4.4/5.0/5.1 Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value. | 7.8 |
| 2017-01-18 | CVE-2016-6527 | Permissions, Privileges, and Access Controls vulnerability in Samsung Mobile 5.0/5.1/6.0 The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | 7.8 |
| 2017-01-18 | CVE-2016-6526 | Permissions, Privileges, and Access Controls vulnerability in Samsung Mobile 5.0/5.1/6.0 The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | 7.8 |