National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:samsung:samsung_mobile:7.1.2
There are 9 matching records.
Vuln ID Summary CVSS Severity
CVE-2018-10751

A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463.

Published: May 29, 2018; 04:29:02 PM -04:00
V3: 5.3 MEDIUM
V2: 5.4 MEDIUM
CVE-2018-9143

On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991.

Published: March 30, 2018; 04:29:00 AM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2018-9142

On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932.

Published: March 30, 2018; 04:29:00 AM -04:00
V3: 7.0 HIGH
V2: 7.6 HIGH
CVE-2018-9141

On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105.

Published: March 30, 2018; 04:29:00 AM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2018-9139

On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.

Published: March 30, 2018; 04:29:00 AM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2018-5210

On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pattern). The Samsung ID is SVE-2017-10733.

Published: January 04, 2018; 01:29:00 AM -05:00
V3: 8.1 HIGH
V2: 9.3 HIGH
CVE-2017-18020

On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598.

Published: January 04, 2018; 01:29:00 AM -05:00
V3: 8.4 HIGH
V2: 7.2 HIGH
CVE-2015-7896

LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.

Published: August 24, 2017; 04:29:00 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2017-7978

Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290.

Published: April 19, 2017; 06:59:00 PM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM