Samsung Galaxy_s6
18 CVEs affecting Samsung Galaxy_s6. Latest disclosed: 2017-08-24. Critical: 2, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-2566 | Critical | 9.8 | 2017-04-13 | Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081. |
CVE-2016-7990 | Critical | 9.8 | 2016-10-31 | On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages (within WAP Push SMS messages) lea… |
CVE-2015-7893 | High | 8.8 | 2017-04-11 | SecEmailUI in Samsung Galaxy S6 does not sanitize HTML email content, allows remote attackers to execute arbitrary JavaScript. |
CVE-2016-7991 | High | 7.5 | 2016-10-31 | On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push S… |
CVE-2016-7989 | High | 7.5 | 2016-10-31 | On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsExce… |
CVE-2016-7988 | High | 7.5 | 2016-10-31 | On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_W… |
CVE-2016-4031 | Medium | 6.8 | 2017-04-13 | Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9… |
CVE-2016-4030 | Medium | 6.8 | 2017-04-13 | Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9… |
CVE-2015-7896 | Medium | 6.5 | 2017-08-24 | LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted… |
CVE-2015-7898 | Medium | 5.5 | 2017-06-27 | Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). |
CVE-2015-7895 | Medium | 5.5 | 2017-06-27 | Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). |
CVE-2016-2036 | Medium | 5.5 | 2017-04-13 | The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build… |
CVE-2016-4032 | Medium | 4.6 | 2017-04-13 | Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9… |
CVE-2016-2567 | Low | 3.3 | 2017-04-13 | secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to b… |
CVE-2016-2565 | Low | 3.3 | 2017-04-13 | Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081. |
CVE-2015-7897 | | 2015-11-16 | The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attacker… | |
CVE-2015-4641 | | 2015-06-19 | Directory traversal vulnerability in the SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices allows remote web serve… | |
CVE-2015-4640 | | 2015-06-19 | The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net serve… |