Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Samsung Subscribe
Filtered by product Galaxy S6

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-14745 1 Samsung 2 Galaxy S6, Galaxy S6 Firmware 2019-04-01 5.8 MEDIUM 8.8 HIGH
Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029.
CVE-2015-7893 1 Samsung 1 Galaxy S6 2017-04-17 6.8 MEDIUM 8.8 HIGH
SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript.
CVE-2016-7991 2 Google, Samsung 6 Android, Galaxy S4, Galaxy S4 Mini and 3 more 2016-12-02 7.8 HIGH 7.5 HIGH
On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542.
CVE-2016-7988 2 Google, Samsung 6 Android, Galaxy S4, Galaxy S4 Mini and 3 more 2016-12-02 7.8 HIGH 7.5 HIGH
On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_WIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of SVE-2016-6542.
CVE-2016-7989 2 Google, Samsung 6 Android, Galaxy S4, Galaxy S4 Mini and 3 more 2016-12-02 7.8 HIGH 7.5 HIGH
On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542.