Vulnerabilities (CVE)

Filtered by vendor Samsung Subscribe
Filtered by product Galaxy S6
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-14856 1 Samsung 2 Galaxy S6, Galaxy S6 Firmware 2024-11-21 5.8 MEDIUM 6.3 MEDIUM
Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
CVE-2018-14855 1 Samsung 2 Galaxy S6, Galaxy S6 Firmware 2024-11-21 5.8 MEDIUM 6.3 MEDIUM
Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
CVE-2018-14854 1 Samsung 2 Galaxy S6, Galaxy S6 Firmware 2024-11-21 5.8 MEDIUM 6.3 MEDIUM
Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
CVE-2018-14853 1 Samsung 2 Galaxy S6, Galaxy S6 Firmware 2024-11-21 3.3 LOW 4.3 MEDIUM
A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783.
CVE-2018-14852 1 Samsung 2 Galaxy S6, Galaxy S6 Firmware 2024-11-21 5.8 MEDIUM 6.3 MEDIUM
Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware.
CVE-2018-14745 1 Samsung 2 Galaxy S6, Galaxy S6 Firmware 2024-11-21 5.8 MEDIUM 8.8 HIGH
Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029.
CVE-2016-7991 2 Google, Samsung 6 Android, Galaxy S4, Galaxy S4 Mini and 3 more 2024-11-21 7.8 HIGH 7.5 HIGH
On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542.
CVE-2016-7990 2 Google, Samsung 6 Android, Galaxy S4, Galaxy S4 Mini and 3 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages (within WAP Push SMS messages) leading to a heap corruption that can result in Denial of Service and potentially remote code execution, a subset of SVE-2016-6542.
CVE-2016-7989 2 Google, Samsung 6 Android, Galaxy S4, Galaxy S4 Mini and 3 more 2024-11-21 7.8 HIGH 7.5 HIGH
On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542.
CVE-2016-7988 2 Google, Samsung 6 Android, Galaxy S4, Galaxy S4 Mini and 3 more 2024-11-21 7.8 HIGH 7.5 HIGH
On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_WIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of SVE-2016-6542.
CVE-2016-4032 1 Samsung 10 Galaxy Note 3, Galaxy Note 3 Firmware, Galaxy S4 and 7 more 2024-11-21 2.1 LOW 4.6 MEDIUM
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301.
CVE-2016-4031 1 Samsung 10 Galaxy Note 3, Galaxy Note 3 Firmware, Galaxy S4 and 7 more 2024-11-21 4.6 MEDIUM 6.8 MEDIUM
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301.
CVE-2016-4030 1 Samsung 10 Galaxy Note 3, Galaxy Note 3 Firmware, Galaxy S4 and 7 more 2024-11-21 4.6 MEDIUM 6.8 MEDIUM
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301.
CVE-2016-2567 1 Samsung 4 Galaxy Note 3, Galaxy Note 3 Firmware, Galaxy S6 and 1 more 2024-11-21 2.1 LOW 3.3 LOW
secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL.
CVE-2016-2566 1 Samsung 2 Galaxy S6, Galaxy S6 Firmware 2024-11-21 7.5 HIGH 9.8 CRITICAL
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081.
CVE-2016-2565 1 Samsung 2 Galaxy S6, Galaxy S6 Firmware 2024-11-21 2.1 LOW 3.3 LOW
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081.
CVE-2016-2036 1 Samsung 4 Galaxy Note 3, Galaxy Note 3 Firmware, Galaxy S6 and 1 more 2024-11-21 2.1 LOW 5.5 MEDIUM
The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036.
CVE-2016-11038 2 Google, Samsung 7 Android, Galaxy Note 3, Galaxy Note 4 and 4 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with software through 2016-04-05 (incorporating the Samsung Professional Audio SDK). The Jack audio service doesn't implement access control for shared memory, leading to arbitrary code execution or privilege escalation. The Samsung ID is SVE-2016-5953 (July 2016).
CVE-2015-8546 2 Google, Samsung 5 Android, Galaxy Note5, Galaxy S6 and 2 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code execution via a fake base station. The Samsung ID is SVE-2015-5123 (December 2015).
CVE-2015-7898 1 Samsung 2 Galaxy S6, Samsung Mobile 2024-11-21 2.1 LOW 5.5 MEDIUM
Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).