| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory. |
| Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast. |
| Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information. |
| Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability. |
| Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory. |
| Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. |
| Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. |
| Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory. |
| Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password. |
| Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast. |
| Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device. |
| The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362. |
| Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). |
| LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. |
| The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. |
| Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embedded APK file to the /data/app directory, but the app will not be installed since third-party applications cannot programmatically install apps. Samsung has modified AOSP in order to accelerate the parsing of APKs by introducing the com.android.server.pm.PackagePrefetcher class and its nested classes. These classes will parse the APKs present in the /data/app directory and other directories, even if the app is not actually installed. The embedded APK that was written to the /data/app directory via the active install session has a very large but valid AndroidManifest.xml file. Specifically, the AndroidManifest.xml file contains a very large string value for the name of a permission-tree that it declares. When system_server tries to parse the APK file of the embedded app from the active install session, it will crash due to an uncaught error (i.e., java.lang.OutOfMemoryError) or an uncaught exception (i.e., std::bad_alloc) because of memory constraints. The Samsung Android device will encounter a soft reboot due to a system_server crash, and this action will keep repeating since parsing the APKs in the /data/app directory as performed by the system_server process is part of the normal boot process. The Samsung ID is SVE-2016-6917. |
| Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122. |
| GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) before 14120405.03.012 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. |
| Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. |
| Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598. |
