Filtered by vendor Samsung
Subscriptions
Total
1083 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-49927 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-08-02 | 5.3 Medium |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption. | ||||
CVE-2023-49928 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-08-02 | 7.5 High |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specified by the RRC. This can lead to disclosure of sensitive information. | ||||
CVE-2023-45864 | 1 Samsung | 14 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 11 more | 2024-08-02 | 4 Medium |
A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas. | ||||
CVE-2023-43122 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2024-08-02 | 4.8 Medium |
Samsung Mobile Processor and Wearable Processor (Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920) allow Information Disclosure in the Bootloader. | ||||
CVE-2023-42576 | 1 Samsung | 1 Pass | 2024-08-02 | 5.4 Medium |
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler. | ||||
CVE-2023-42556 | 1 Samsung | 1 Android | 2024-08-02 | 3.3 Low |
Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information. | ||||
CVE-2023-42578 | 1 Samsung | 1 Cloud | 2024-08-02 | 6.5 Medium |
Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5.2.00.7 allows remote attackers to access location information without permission. | ||||
CVE-2023-42579 | 2 Google, Samsung | 2 Android, Samsung Keyboard | 2024-08-02 | 6.5 Medium |
Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middle attack. | ||||
CVE-2023-42575 | 1 Samsung | 1 Pass | 2024-08-02 | 5.4 Medium |
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting. | ||||
CVE-2023-42548 | 1 Samsung | 1 Account | 2024-08-02 | 5.5 Medium |
Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | ||||
CVE-2023-42567 | 1 Samsung | 1 Android | 2024-08-02 | 7.3 High |
Improper size check vulnerability in softsimd prior to SMR Dec-2023 Release 1 allows stack-based buffer overflow. | ||||
CVE-2023-42538 | 1 Samsung | 1 Android | 2024-08-02 | 5.9 Medium |
An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | ||||
CVE-2023-42562 | 1 Samsung | 1 Android | 2024-08-02 | 6.7 Medium |
Integer overflow vulnerability in detectionFindFaceSupportMultiInstance of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow. | ||||
CVE-2023-42570 | 1 Samsung | 1 Android | 2024-08-02 | 5.9 Medium |
Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN. | ||||
CVE-2023-42573 | 1 Samsung | 1 Search Widget | 2024-08-02 | 4.7 Medium |
PendingIntent hijacking vulnerability in Search Widget prior to version 3.4 in China models allows local attackers to access data. | ||||
CVE-2023-42565 | 1 Samsung | 1 Android | 2024-08-02 | 7.3 High |
Improper input validation vulnerability in Smart Clip prior to SMR Dec-2023 Release 1 allows local attackers with shell privilege to execute arbitrary code. | ||||
CVE-2023-42540 | 1 Samsung | 1 Account | 2024-08-02 | 4 Medium |
Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent. | ||||
CVE-2023-42569 | 1 Samsung | 1 Android | 2024-08-02 | 4 Medium |
Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji. | ||||
CVE-2023-42563 | 1 Samsung | 1 Android | 2024-08-02 | 6.7 Medium |
Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow. | ||||
CVE-2023-42553 | 1 Samsung | 1 Email | 2024-08-02 | 4 Medium |
Improper authorization verification vulnerability in Samsung Email prior to version 6.1.90.4 allows attackers to read sandbox data of email. |