Filtered by vendor Samsung
Subscribe
Total
656 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3912 | 1 Samsung | 1 Ipolis Device Manager | 2014-06-06 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value. | |||||
| CVE-2012-2864 | 3 Acer, Google, Samsung | 5 Ac700 Chromebook, Chrome Os, Cr-48 Chromebook and 2 more | 2014-02-11 | 10.0 HIGH | N/A |
| Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an "array overflow." | |||||
| CVE-2013-3585 | 1 Samsung | 2 Dvr, Smart Viewer | 2013-10-07 | 5.0 MEDIUM | N/A |
| Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page. | |||||
| CVE-2013-3964 | 1 Samsung | 2 Shr-5082, Shr-5162 | 2013-10-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Samsung SHR-5162, SHR-5082, and possibly other models, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | |||||
| CVE-2013-3586 | 1 Samsung | 2 Dvr, Smart Viewer | 2013-08-29 | 7.6 HIGH | N/A |
| Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie. | |||||
| CVE-2013-4890 | 1 Samsung | 2 Ps50c7700 Television, Ps50c7700 Television Firmware | 2013-07-23 | 7.8 HIGH | N/A |
| The DMCRUIS/0.1 web server on the Samsung PS50C7700 TV allows remote attackers to cause a denial of service (daemon crash) via a long URI to TCP port 5600. | |||||
| CVE-2012-6337 | 1 Samsung | 4 Galaxy Note 2, Galaxy S, Galaxy S2 and 1 more | 2012-12-31 | 3.3 LOW | N/A |
| The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a product-recovery effort by tampering with this feature or its location data. | |||||
| CVE-2012-6422 | 2 Meizu, Samsung | 3 Mx, Galaxy Note 2, Galaxy S2 | 2012-12-20 | 9.3 HIGH | N/A |
| The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse. | |||||
| CVE-2012-4964 | 1 Samsung | 1 Printer Firmware | 2012-11-27 | 7.5 HIGH | N/A |
| The Samsung printer firmware before 20121031 has a hardcoded read-write SNMP community, which makes it easier for remote attackers to obtain administrative access via an SNMP request. | |||||
| CVE-2012-2990 | 1 Samsung | 1 Kies | 2012-08-28 | 9.3 HIGH | N/A |
| The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted HTML document. | |||||
| CVE-2012-2980 | 5 Att, Htc, Samsung and 2 more | 9 Status, Chacha, Desire and 6 more | 2012-08-21 | 7.1 HIGH | N/A |
| The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages. | |||||
| CVE-2012-3290 | 3 Acer, Google, Samsung | 6 Ac700 Chromebook, Chrome Os, Cr-48 Chromebook and 3 more | 2012-06-11 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung Series 5, 5 550, and Chromebox 3; and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||||
| CVE-2012-1418 | 3 Acer, Google, Samsung | 4 Ac700 Chromebook, Chrome Os, Cr-48 Chromebook and 1 more | 2012-04-19 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||||
| CVE-2011-4719 | 3 Acer, Google, Samsung | 4 Ac700 Chromebook, Chrome Os, Cr-48 Chromebook and 1 more | 2012-04-19 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 16.0.912.63 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||||
| CVE-2010-4284 | 1 Samsung | 1 Data Management Server | 2011-05-26 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-3931 | 1 Samsung | 1 Scx-4200 Driver | 2008-11-14 | 4.4 MEDIUM | N/A |
| The wrap_setuid_third_party_application function in the installation script for the Samsung SCX-4200 Driver 2.00.95 adds setuid permissions to third party applications such as xsane and xscanimage, which allows local users to gain privileges. | |||||