Filtered by vendor Google
Subscribe
Search
Total
9554 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-11052 | 1 Google | 1 Android | 2020-04-08 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. je_free in libQjpeg.so in Qjpeg in Qt 5.5 allows memory corruption via a malformed JPEG file. The Samsung ID is SVE-2015-5110 (January 2016). | |||||
| CVE-2016-11053 | 1 Google | 1 Android | 2020-04-08 | 2.1 LOW | 4.6 MEDIUM |
| An issue was discovered on Samsung mobile devices with software through 2015-11-11 (supporting FRP/RL). There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2015-5131 (January 2016). | |||||
| CVE-2016-11025 | 1 Google | 1 Android | 2020-04-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets). There is a memcpy heap-based buffer overflow in the OTP service. The Samsung ID is SVE-2016-7114 (December 2016). | |||||
| CVE-2017-18652 | 1 Google | 1 Android | 2020-04-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. SVoice allows arbitrary code execution by changing dynamic libraries. The Samsung ID is SVE-2017-9299 (September 2017). | |||||
| CVE-2017-18662 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. Data outside of the rkp log buffer boundary is read, causing an information leak. The Samsung ID is SVE-2017-9109 (July 2017). | |||||
| CVE-2016-11026 | 1 Google | 1 Android | 2020-04-08 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. BootReceiver allows attackers to trigger a system crash because of incorrect exception handling. The Samsung ID is SVE-2016-7118 (December 2016). | |||||
| CVE-2017-18663 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x) software. Because of missing Intent exception handling, system_server can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 (July 2017). | |||||
| CVE-2016-11027 | 1 Google | 1 Android | 2020-04-08 | 2.1 LOW | 2.4 LOW |
| An issue was discovered on Samsung mobile devices with M(6.0) software. In the Shade Locked state, a physically proximate attacker can read notifications on the lock screen. The Samsung ID is SVE-2016-7132 (December 2016). | |||||
| CVE-2017-18665 | 1 Google | 1 Android | 2020-04-08 | 5.8 MEDIUM | 8.8 HIGH |
| An issue was discovered on Samsung mobile devices with M(6.0) software. There is a NULL pointer exception in WifiService via adb-cmd, causing memory corruption. The Samsung ID is SVE-2017-8287 (June 2017). | |||||
| CVE-2017-18668 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with M(6.0) software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 (June 2017). | |||||
| CVE-2017-18669 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x) software. Persona has an unprotected API that allows launch of any activity with system privileges. The Samsung ID is SVE-2017-9000 (June 2017). | |||||
| CVE-2017-18653 | 1 Google | 1 Android | 2020-04-08 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. The Email application allows attackers to send emails on behalf of any user via a broadcasted intent. The Samsung ID is SVE-2017-9357 (September 2017). | |||||
| CVE-2017-18654 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0, 7.1) software. An unauthenticated attacker can register a new security certificate. The Samsung ID is SVE-2017-9659 (September 2017). | |||||
| CVE-2017-18655 | 1 Google | 1 Android | 2020-04-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a stack-based buffer overflow with resultant memory corruption in a trustlet. The Samsung IDs are SVE-2017-8889, SVE-2017-8891, and SVE-2017-8892 (August 2017). | |||||
| CVE-2017-18656 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer over-read in a trustlet. The Samsung ID is SVE-2017-8890 (August 2017). | |||||
| CVE-2017-18657 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 (August 2017). | |||||
| CVE-2017-18658 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017). | |||||
| CVE-2017-18659 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 (July 2017). | |||||
| CVE-2017-18660 | 1 Google | 1 Android | 2020-04-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in tlc_server. The Samsung ID is SVE-2017-8888 (July 2017). | |||||
| CVE-2017-18661 | 1 Google | 1 Android | 2020-04-08 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer overflow in process_cipher_tdea. The Samsung ID is SVE-2017-8973 (July 2017). | |||||
| CVE-2016-11030 | 1 Google | 1 Android | 2020-04-07 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (with Hrm sensor support) software. The sysfs of the MAX86902 sensor driver does not prevent concurrent access, leading to a race condition and resultant heap-based buffer overflow. The Samsung ID is SVE-2016-7341 (December 2016). | |||||
| CVE-2016-11029 | 1 Google | 1 Android | 2020-04-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.0) software. Attackers can read the password of the Mobile Hotspot in the log because of an unprotected intent. The Samsung ID is SVE-2016-7301 (December 2016). | |||||
| CVE-2016-11028 | 2 Google, Samsung | 2 Android, Exynos | 2020-04-07 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets). There is a stack-based buffer overflow in the OTP TrustZone trustlet. The Samsung IDs are SVE-2016-7173 and SVE-2016-7174 (December 2016). | |||||
| CVE-2016-11041 | 1 Google | 1 Android | 2020-04-07 | 2.1 LOW | 4.6 MEDIUM |
| An issue was discovered on Samsung mobile devices with KK(4.4) software. Attackers can bypass the lockscreen by sending an AT command over USB. The Samsung ID is SVE-2015-5301 (June 2016). | |||||
| CVE-2016-11042 | 1 Google | 1 Android | 2020-04-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. There is a SIM Lock bypass. The Samsung ID is SVE-2016-5381 (June 2016). | |||||
| CVE-2016-11031 | 1 Google | 1 Android | 2020-04-07 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. AntService allows a system_server crash and reboot. The Samsung ID is SVE-2016-7044 (November 2016). | |||||
| CVE-2016-11032 | 1 Google | 1 Android | 2020-04-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) software. An attacker can disable all Sound functionality by broadcasting an unprotected intent. The Samsung IDs are SVE-2016-7179 and SVE-2016-7182 (November 2016). | |||||
| CVE-2016-11045 | 1 Google | 1 Android | 2020-04-07 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. The Gallery library allow memory corruption via a malformed image. The Samsung ID is SVE-2016-5317 (May 2016). | |||||
| CVE-2016-11044 | 1 Google | 1 Android | 2020-04-07 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (with Fingerprint support) software. The check of an application's signature can be bypassed during installation. The Samsung ID is SVE-2016-5923 (June 2016). | |||||
| CVE-2016-11033 | 1 Google | 1 Android | 2020-04-07 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0) software. There is a heap-based buffer overflow in tlc_server. The Samsung IDs are SVE-2016-7220 and SVE-2016-7225 (November 2016). | |||||
| CVE-2016-11043 | 1 Google | 1 Android | 2020-04-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with M(6.0) software. The S/MIME implementation in EAS uses DES (where 3DES is intended). The Samsung ID is SVE-2016-5871 (June 2016). | |||||
| CVE-2016-11047 | 1 Google | 1 Android | 2020-04-07 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with JBP(4.2) and KK(4.4) (Marvell chipsets) software. The ACIPC-MSOCKET driver allows local privilege escalation via a stack-based buffer overflow. The Samsung ID is SVE-2016-5393 (April 2016). | |||||
| CVE-2016-11046 | 1 Google | 1 Android | 2020-04-07 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4.4), and L(5.0/5.1) software. Because of a misused whitelist, attackers can reach the radio layer (aka RIL or RILD) to place calls or send SMS messages. The Samsung ID is SVE-2016-5733 (May 2016). | |||||
| CVE-2016-6604 | 2 Google, Samsung | 2 Android, Exynos Fimg2d | 2020-04-07 | 10.0 HIGH | 9.8 CRITICAL |
| NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382. | |||||
| CVE-2019-20613 | 1 Google | 1 Android | 2020-03-30 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is time-based SQL injection in Contacts. The Samsung ID is SVE-2018-13452 (March 2019). | |||||
| CVE-2019-20592 | 1 Google | 1 Android | 2020-03-30 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Story Video Editor Content Provider. The Samsung ID is SVE-2019-14062 (July 2019). | |||||
| CVE-2019-20591 | 1 Google | 1 Android | 2020-03-30 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Gear VR Service Content Provider. The Samsung ID is SVE-2019-14058 (July 2019). | |||||
| CVE-2019-20567 | 1 Google | 1 Android | 2020-03-30 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A up_parm heap overflow leads to code execution in the bootloader. The Samsung ID is SVE-2019-14993 (September 2019). | |||||
| CVE-2019-20588 | 1 Google | 1 Android | 2020-03-30 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14891 (August 2019). | |||||
| CVE-2020-10847 | 2 Google, Samsung | 3 Android, Galaxy Note8, Galaxy S8 | 2020-03-30 | 4.6 MEDIUM | 6.8 MEDIUM |
| An issue was discovered on Samsung mobile devices with P(9.0) (Galaxy S8 and Note8) software. Facial recognition can be spoofed. The Samsung ID is SVE-2019-16614 (February 2020). | |||||
| CVE-2019-20605 | 1 Google | 1 Android | 2020-03-30 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A heap overflow occurs for baseband in the Shannon modem. The Samsung ID is SVE-2019-14071 (May 2019). | |||||
| CVE-2019-20607 | 3 Google, Qualcomm, Samsung | 7 Android, Msm8996, Msm8998 and 4 more | 2020-03-30 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ID is SVE-2019-14126 (May 2019). | |||||
| CVE-2019-20589 | 1 Google | 1 Android | 2020-03-30 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SKPM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14892 (August 2019). | |||||
| CVE-2019-20604 | 1 Google | 1 Android | 2020-03-30 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with O(8.x) software. Attackers can disable Gallery permanently. The Samsung ID is SVE-2019-14031 (May 2019). | |||||
| CVE-2019-20611 | 1 Google | 1 Android | 2020-03-30 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), Go(8.1), P(9.0), and Go(9.0) (Exynos chipsets) software. A baseband stack overflow leads to arbitrary code execution. The Samsung ID is SVE-2019-13963 (April 2019). | |||||
| CVE-2019-20590 | 2 Google, Qualcomm | 2 Android, Sdm660 | 2020-03-30 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.x) (Qualcomm chipsets) software. There is an integer underflow in the Secure Storage Trustlet. The Samsung ID is SVE-2019-13952 (July 2019). | |||||
| CVE-2019-20576 | 1 Google | 1 Android | 2020-03-30 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with P(9.0) software. The MemorySaver Content Provider allows SQL injection. The Samsung ID is SVE-2019-14365 (August 2019). | |||||
| CVE-2019-20578 | 2 Google, Samsung | 2 Android, Exynos 9820 | 2020-03-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with P(9.0) (Exynos 9820 chipsets) software. A Buffer overflow occurs when loading the UH Partition during Secure Boot. The Samsung ID is SVE-2019-14412 (August 2019). | |||||
| CVE-2019-20587 | 1 Google | 1 Android | 2020-03-27 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the MLDAP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14867 (August 2019). | |||||
| CVE-2019-20582 | 2 Google, Samsung | 2 Android, Exynos 9810 | 2020-03-27 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) devices (Exynos9810 chipsets) software. There is a use after free in the ion driver. The Samsung ID is SVE-2019-14837 (August 2019). | |||||