An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code execution via a fake base station. The Samsung ID is SVE-2015-5123 (December 2015).
Max CVSS
10.0
EPSS Score
0.12%
Published
2020-04-10
Updated
2020-04-13
media/libmedia/IAudioPolicyService.cpp in Android before 5.1 allows attackers to execute arbitrary code with media_server privileges or cause a denial of service (integer overflow) via a crafted application that provides an invalid array size.
Max CVSS
7.8
EPSS Score
0.05%
Published
2020-01-24
Updated
2020-01-28
A Code Execution vulnerability exists in Android prior to 4.4.0 related to the addJavascriptInterface method and the accessibility and accessibilityTraversal objects, which could let a remote malicious user execute arbitrary code.
Max CVSS
9.0
EPSS Score
1.82%
Published
2020-02-07
Updated
2020-02-12
3 vulnerabilities found