Vulnerabilities > Samsung > Samsung Mobile > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-30 | CVE-2018-9139 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mobile On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165. | 10.0 |
| 2018-03-30 | CVE-2018-9141 | Improper Input Validation vulnerability in Samsung Mobile On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105. | 9.3 |
| 2018-03-30 | CVE-2018-9143 | Out-of-bounds Write vulnerability in Samsung Mobile On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991. | 10.0 |
| 2018-01-04 | CVE-2018-5210 | Out-of-bounds Write vulnerability in Samsung Mobile On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pattern). | 9.3 |
| 2017-03-23 | CVE-2017-5538 | Out-of-bounds Read vulnerability in Samsung Mobile 6.0/7.0 The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362. | 10.0 |
| 2017-01-18 | CVE-2016-6526 | Permissions, Privileges, and Access Controls vulnerability in Samsung Mobile 5.0/5.1/6.0 The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | 9.3 |
| 2017-01-18 | CVE-2016-6527 | Permissions, Privileges, and Access Controls vulnerability in Samsung Mobile 5.0/5.1/6.0 The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | 9.3 |
| 2016-12-16 | CVE-2016-9965 | 7PK - Errors vulnerability in Samsung Mobile Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. | 10.0 |
| 2016-12-16 | CVE-2016-9966 | 7PK - Errors vulnerability in Samsung Mobile Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. | 10.0 |
| 2016-12-16 | CVE-2016-9967 | 7PK - Errors vulnerability in Samsung Mobile Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. | 10.0 |