|
249141
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos5433, Exynos7420, or Exynos7870 chipsets) software. An attacker can bypass a ko (aka Kernel Module) signature by modify…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2017-18689
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249142
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.0) software. There is an information disclosure (of memory locations outside a buffer) via /dev/dsm_ctrl_dev. The Samsun…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-18688
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249143
|
5.3 |
MEDIUM
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. An attacker can obtain the full pathnames of sdcard files by reading the system protected log …
|
CWE-200
Information Exposure
|
CVE-2017-18687
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249144
|
5.3 |
MEDIUM
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) software. Contact information can leak to a log file because of the broadcasting of an unprotected intent. The Samsung ID is S…
|
CWE-200
Information Exposure
|
CVE-2017-18686
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249145
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. The InputMethod application can cause a system crash via a malformed serializable object in an Intent.…
|
CWE-20
Improper Input Validation
|
CVE-2017-18685
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249146
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. SVoice allows provider seizure via an application that uses a custom provider. The Samsung ID is SVE-2016-6942 (…
|
CWE-20
Improper Input Validation
|
CVE-2017-18684
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249147
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. SVoice allows Hare Hunting during application installation. The Samsung ID is SVE-2016-6942 (February 2017).
|
CWE-20
Improper Input Validation
|
CVE-2017-18683
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249148
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Because of incorrect exception handling and an unprotected intent, AudioService can cause a sy…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2017-18682
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249149
|
9.8 |
CRITICAL
Network
|
samsung
|
galaxy_s5_firmware
|
An issue was discovered on Samsung Galaxy S5 mobile devices with software through 2016-12-20 (Qualcomm AP chipsets). There are multiple buffer overflows in the bootloader. The Samsung ID is SVE-2016-…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-18681
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249150
|
7.1 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (tablets) software. The lockscreen interface allows Add User actions, leading to an unintended ability to access user data…
|
CWE-20
Improper Input Validation
|
CVE-2017-18680
|
2024-11-21 12:20 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
