cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2015-7890,https://securityvulnerability.io/vulnerability/CVE-2015-7890,,"Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter.",Samsung,Galaxy S6 Edge Firmware,5.5,MEDIUM,0.0010300000431016088,false,,false,false,false,,,false,false,,2020-02-12T14:54:18.000Z,0
CVE-2018-14745,https://securityvulnerability.io/vulnerability/CVE-2018-14745,,Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029.,Samsung,Galaxy S6 Firmware,8.8,HIGH,0.003389999968931079,false,,false,false,false,,,false,false,,2019-03-21T16:00:00.000Z,0
CVE-2018-14853,https://securityvulnerability.io/vulnerability/CVE-2018-14853,,A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot. The Samsung ID is SVE-2018-11783.,Samsung,Galaxy S6 Firmware,4.3,MEDIUM,0.0008200000156648457,false,,false,false,false,,,false,false,,2018-12-17T18:00:00.000Z,0
CVE-2018-14854,https://securityvulnerability.io/vulnerability/CVE-2018-14854,,Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.,Samsung,Galaxy S6 Firmware,6.3,MEDIUM,0.0010100000072270632,false,,false,false,false,,,false,false,,2018-12-17T18:00:00.000Z,0
CVE-2018-14856,https://securityvulnerability.io/vulnerability/CVE-2018-14856,,Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.,Samsung,Galaxy S6 Firmware,6.3,MEDIUM,0.0010100000072270632,false,,false,false,false,,,false,false,,2018-12-17T18:00:00.000Z,0
CVE-2018-14852,https://securityvulnerability.io/vulnerability/CVE-2018-14852,,Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware.,Samsung,Galaxy S6 Firmware,6.3,MEDIUM,0.0010100000072270632,false,,false,false,false,,,false,false,,2018-12-17T18:00:00.000Z,0
CVE-2018-14855,https://securityvulnerability.io/vulnerability/CVE-2018-14855,,Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.,Samsung,Galaxy S6 Firmware,6.3,MEDIUM,0.0010100000072270632,false,,false,false,false,,,false,false,,2018-12-17T18:00:00.000Z,0
CVE-2015-7894,https://securityvulnerability.io/vulnerability/CVE-2015-7894,,The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V device running build number LRX22G.G925VVRU1AOE2 allows remote attackers to cause a denial of service (segmentation fault and process crash) and execute arbitrary code via a crafted JPG.,Samsung,Galaxy S6 Edge Firmware,8.8,HIGH,0.07108999788761139,false,,false,false,false,,,false,false,,2017-08-09T18:00:00.000Z,0
CVE-2015-7888,https://securityvulnerability.io/vulnerability/CVE-2015-7888,,"Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a .. (dot dot) in the name of a file, compressed into a zipped file named cred.zip, and downloaded to /sdcard/Download.",Samsung,Galaxy S6 Edge Firmware,7.5,HIGH,0.0037499999161809683,false,,false,false,false,,,false,false,,2017-06-07T14:00:00.000Z,0
CVE-2016-2567,https://securityvulnerability.io/vulnerability/CVE-2016-2567,,"secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to bypass URL filtering by inserting an ""exceptional URL"" in the query string, as demonstrated by the http://should-have-been-filtered.example.com/?http://google.com URL.",Samsung,Galaxy S6 Firmware,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-04-13T16:00:00.000Z,0
CVE-2016-2036,https://securityvulnerability.io/vulnerability/CVE-2016-2036,,"The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to trigger a NULL pointer dereference via a ""GET HTTP/1.1"" request, aka SVE-2016-5036.",Samsung,Galaxy S6 Firmware,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-04-13T16:00:00.000Z,0
CVE-2016-4030,https://securityvulnerability.io/vulnerability/CVE-2016-4030,,"Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301.",Samsung,Galaxy S6 Firmware,6.8,MEDIUM,0.0022799998987466097,false,,false,false,false,,,false,false,,2017-04-13T16:00:00.000Z,0
CVE-2016-4031,https://securityvulnerability.io/vulnerability/CVE-2016-4031,,"Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301.",Samsung,Galaxy S6 Firmware,6.8,MEDIUM,0.0022799998987466097,false,,false,false,false,,,false,false,,2017-04-13T16:00:00.000Z,0
CVE-2016-2566,https://securityvulnerability.io/vulnerability/CVE-2016-2566,,"Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081.",Samsung,Galaxy S6 Firmware,9.8,CRITICAL,0.0033499998971819878,false,,false,false,false,,,false,false,,2017-04-13T16:00:00.000Z,0
CVE-2016-4032,https://securityvulnerability.io/vulnerability/CVE-2016-4032,,"Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301.",Samsung,Galaxy S6 Firmware,4.6,MEDIUM,0.002099999925121665,false,,false,false,false,,,false,false,,2017-04-13T16:00:00.000Z,0
CVE-2016-2565,https://securityvulnerability.io/vulnerability/CVE-2016-2565,,"Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices allows attackers to read sent e-mail messages, aka SVE-2015-5081.",Samsung,Galaxy S6 Firmware,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-04-13T16:00:00.000Z,0