|
269981
|
4.6 |
MEDIUM
Physics
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) (Spreadtrum or Marvell chipsets) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2016-5421 (March 2…
|
CWE-20
Improper Input Validation
|
CVE-2016-11048
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269982
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with JBP(4.2) and KK(4.4) (Marvell chipsets) software. The ACIPC-MSOCKET driver allows local privilege escalation via a stack-based buffer overflow. …
|
CWE-787
Out-of-bounds Write
|
CVE-2016-11047
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269983
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4.4), and L(5.0/5.1) software. Because of a misused whitelist, attackers can reach the radio layer (aka RIL or RILD) to place calls…
|
CWE-20
Improper Input Validation
|
CVE-2016-11046
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269984
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. The Gallery library allow memory corruption via a malformed image. The Samsung ID is SVE-2016-5317 (May 2016).
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-11045
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269985
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (with Fingerprint support) software. The check of an application's signature can be bypassed during installation. The Sams…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2016-11044
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269986
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with M(6.0) software. The S/MIME implementation in EAS uses DES (where 3DES is intended). The Samsung ID is SVE-2016-5871 (June 2016).
|
CWE-326
Inadequate Encryption Strength
|
CVE-2016-11043
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269987
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. There is a SIM Lock bypass. The Samsung ID is SVE-2016-5381 (June 2016).
|
CWE-287
Improper Authentication
|
CVE-2016-11042
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269988
|
4.6 |
MEDIUM
Physics
|
google
|
android
|
An issue was discovered on Samsung mobile devices with KK(4.4) software. Attackers can bypass the lockscreen by sending an AT command over USB. The Samsung ID is SVE-2015-5301 (June 2016).
|
CWE-287
Improper Authentication
|
CVE-2016-11041
|
2024-11-21 11:45 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269989
|
9.8 |
CRITICAL
Network
|
odata4j_project
|
odata4j
|
odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
|
CWE-89
SQL Injection
|
CVE-2016-11024
|
2024-11-21 11:45 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269990
|
9.8 |
CRITICAL
Network
|
odata4j_project
|
odata4j
|
odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
|
CWE-89
SQL Injection
|
CVE-2016-11023
|
2024-11-21 11:45 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
