Filtered by vendor Samsung
Subscriptions
Total
1187 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-20582 | 2 Google, Samsung | 2 Android, Exynos 9810 | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) devices (Exynos9810 chipsets) software. There is a use after free in the ion driver. The Samsung ID is SVE-2019-14837 (August 2019). | ||||
| CVE-2019-20578 | 2 Google, Samsung | 2 Android, Exynos 9820 | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with P(9.0) (Exynos 9820 chipsets) software. A Buffer overflow occurs when loading the UH Partition during Secure Boot. The Samsung ID is SVE-2019-14412 (August 2019). | ||||
| CVE-2019-20572 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (Exynos chipsets) software. load_kernel has a buffer overflow via untrusted data. The Samsung ID is SVE-2019-14939 (September 2019). | ||||
| CVE-2019-20566 | 1 Samsung | 1 Exynos Smp1300 | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with any (before September 2019 for SMP1300 Exynos modem chipsets) software. Attackers can trigger stack corruption in the Shannon modem via a crafted RP-Originator/Destination address. The Samsung ID is SVE-2019-14858 (September 2019). | ||||
| CVE-2019-20564 | 1 Samsung | 2 Note9, S9 | 2024-11-21 | 7.5 High |
| An issue was discovered on Samsung mobile devices with any (before October 2019 for S9 or Note9) software. Attackers can manipulate the IMEI. The Samsung ID is SVE-2019-15435 (October 2019). | ||||
| CVE-2019-20558 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a Buffer Overflow in the Touch Screen Driver. The Samsung ID is SVE-2019-14990 (October 2019). | ||||
| CVE-2019-20556 | 3 Google, Qualcomm, Samsung | 7 Android, Sm6150, Sm8150 and 4 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. RKP memory corruption allows attackers to control the effective address in EL2. The Samsung ID is SVE-2019-15221 (October 2019). | ||||
| CVE-2019-20553 | 3 Google, Qualcomm, Samsung | 7 Android, Sm6150, Sm8150 and 4 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 (October 2019). | ||||
| CVE-2019-20451 | 1 Samsung | 2 Prismview Player 11, Prismview System 9 | 2024-11-21 | 9.8 Critical |
| The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials can be downloaded.) | ||||
| CVE-2019-19273 | 2 Google, Samsung | 5 Android, Exynos 8895, Galaxy Note8 and 2 more | 2024-11-21 | 7.8 High |
| On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265. | ||||
| CVE-2019-17668 | 1 Samsung | 4 Galaxy S10, Galaxy S10 Firmware, Note 10 and 1 more | 2024-11-21 | 6.8 Medium |
| Samsung Galaxy S10 and Note10 devices allow unlock operations via unregistered fingerprints in certain situations involving a third-party screen protector. | ||||
| CVE-2019-16401 | 1 Samsung | 6 Galaxy Note 2, Galaxy Note 2 Firmware, Galaxy S3 and 3 more | 2024-11-21 | 6.5 Medium |
| Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow injection of AT+CIMI and AT+CGSN over Bluetooth, leaking sensitive information such as IMSI, IMEI, call status, call setup stage, internet service status, signal strength, current roaming status, battery level, and call held status. | ||||
| CVE-2019-16400 | 1 Samsung | 6 Galaxy Note 2, Galaxy Note 2 Firmware, Galaxy S3 and 3 more | 2024-11-21 | 6.5 Medium |
| Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow attackers to send AT commands over Bluetooth, resulting in several Denial of Service (DoS) attacks. | ||||
| CVE-2019-16253 | 1 Samsung | 1 Text-to-speech | 2024-11-21 | 7.8 High |
| The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 and 3.0.00.101 for Android allows a local attacker to escalate privileges, e.g., to system privileges. The Samsung case ID is 101755. | ||||
| CVE-2019-15465 | 1 Samsung | 2 Galaxy J7 Pro, Galaxy J7 Pro Firmware | 2024-11-21 | 7.8 High |
| The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | ||||
| CVE-2019-15464 | 1 Samsung | 2 Galaxy J7 Pro, Galaxy J7 Pro Firmware | 2024-11-21 | 7.8 High |
| The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteub/j7y17lte:8.1.0/M1AJQ/J730GUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | ||||
| CVE-2019-15463 | 1 Samsung | 2 Galaxy J7 Prime, Galaxy J7 Prime Firmware | 2024-11-21 | 7.8 High |
| The Samsung j7popeltemtr Android device with a build fingerprint of samsung/j7popeltemtr/j7popeltemtr:8.1.0/M1AJQ/J727T1UVS5BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | ||||
| CVE-2019-15462 | 1 Samsung | 2 Galaxy J7 Duo, Galaxy J7 Duo Firmware | 2024-11-21 | 7.8 High |
| The Samsung J7 Duo Android device with a build fingerprint of samsung/j7duolteub/j7duolte:8.0.0/R16NW/J720MUBS3ASB2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | ||||
| CVE-2019-15461 | 1 Samsung | 2 Galaxy J7 Neo, Galaxy J7 Neo Firmware | 2024-11-21 | 7.8 High |
| The Samsung J7 Neo Android device with a build fingerprint of samsung/j7velteub/j7velte:8.1.0/M1AJQ/J701MUBS6BSB4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | ||||
| CVE-2019-15460 | 1 Samsung | 2 Galaxy J7 Neo, Galaxy J7 Neo Firmware | 2024-11-21 | 7.8 High |
| The Samsung J7 Neo Android device with a build fingerprint of samsung/j7veltedx/j7velte:8.1.0/M1AJQ/J701FXVS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | ||||