Vulnerabilities > Samsung > Samsung Mobile > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-29 | CVE-2018-10751 | Integer Overflow or Wraparound vulnerability in Samsung Mobile A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. | 5.3 |
| 2018-03-30 | CVE-2018-9140 | Cross-site Scripting vulnerability in Samsung Mobile 6.0 On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747. | 6.1 |
| 2017-08-24 | CVE-2015-7896 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mobile LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. | 6.5 |
| 2017-06-27 | CVE-2015-7898 | Improper Access Control vulnerability in Samsung Mobile Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | 5.5 |
| 2017-06-27 | CVE-2015-7895 | Improper Access Control vulnerability in Samsung Mobile Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | 5.5 |
| 2017-02-13 | CVE-2016-4546 | Improper Input Validation vulnerability in Samsung Mobile 4.4/5.0/5.1 Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. | 5.5 |
| 2017-01-09 | CVE-2017-5217 | Improper Input Validation vulnerability in Samsung Mobile Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. | 5.5 |
| 2016-11-23 | CVE-2016-9567 | Information Exposure vulnerability in Samsung Mobile 6.0 The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. | 5.5 |