Filtered by vendor Samsung
Subscriptions
Total
1083 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-42542 | 1 Samsung | 1 Push Service | 2024-08-02 | 3.3 Low |
Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device. | ||||
CVE-2023-42531 | 1 Samsung | 1 Android | 2024-08-02 | 6.2 Medium |
Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background. | ||||
CVE-2023-42554 | 1 Samsung | 1 Pass | 2024-08-02 | 5.4 Medium |
Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication. | ||||
CVE-2023-42580 | 1 Samsung | 1 Galaxy Store | 2024-08-02 | 7.5 High |
Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store. | ||||
CVE-2023-42557 | 1 Samsung | 1 Android | 2024-08-02 | 5.6 Medium |
Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code. | ||||
CVE-2023-42577 | 1 Samsung | 2 Android, Samsung Voice Recorder | 2024-08-02 | 6.8 Medium |
Improper Access Control in Samsung Voice Recorder prior to versions 21.4.15.01 in Android 12 and Android 13, 21.4.50.17 in Android 14 allows physical attackers to access Voice Recorder information on the lock screen. | ||||
CVE-2023-42536 | 1 Samsung | 1 Android | 2024-08-02 | 8.4 High |
An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | ||||
CVE-2023-42558 | 1 Samsung | 1 Android | 2024-08-02 | 6 Medium |
Out of bounds write vulnerability in HDCP in HAL prior to SMR Dec-2023 Release 1 allows attacker to perform code execution. | ||||
CVE-2023-42564 | 1 Samsung | 1 Android | 2024-08-02 | 6.6 Medium |
Improper access control in knoxcustom service prior to SMR Dec-2023 Release 1 allows attacker to send broadcast with system privilege. | ||||
CVE-2023-42571 | 1 Samsung | 1 Find My Mobile | 2024-08-02 | 7.6 High |
Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device. | ||||
CVE-2023-42560 | 1 Samsung | 1 Android | 2024-08-02 | 7.4 High |
Heap out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so prior to SMR Dec-2023 Release 1 allows an attacker to execute arbitrary code. | ||||
CVE-2023-42566 | 1 Samsung | 1 Android | 2024-08-02 | 7.3 High |
Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code. | ||||
CVE-2023-42561 | 1 Samsung | 1 Android | 2024-08-02 | 7.1 High |
Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code. | ||||
CVE-2023-42568 | 1 Samsung | 1 Android | 2024-08-02 | 7.3 High |
Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local attackers to access arbitrary files with system privilege. | ||||
CVE-2023-42572 | 1 Samsung | 1 Account Web Software Development Kit | 2024-08-02 | 3.3 Low |
Implicit intent hijacking vulnerability in Samsung Account Web SDK prior to version 1.5.24 allows attacker to get sensitive information. | ||||
CVE-2023-42574 | 1 Samsung | 1 Gamehomecn | 2024-08-02 | 5.1 Medium |
Improper access control vulnerablility in GameHomeCN prior to version 4.2.60.2 allows local attackers to launch arbitrary activity in GameHomeCN. | ||||
CVE-2023-42559 | 1 Samsung | 1 Android | 2024-08-02 | 4.9 Medium |
Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time. | ||||
CVE-2023-42555 | 1 Samsung | 1 Easysetup | 2024-08-02 | 6.3 Medium |
Use of implicit intent for sensitive communication vulnerability in EasySetup prior to version 11.1.13 allows attackers to get the bluetooth address of user device. | ||||
CVE-2023-42541 | 1 Samsung | 1 Push Service | 2024-08-02 | 4 Medium |
Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id. | ||||
CVE-2023-42482 | 1 Samsung | 2 Exynos 2200, Exynos 2200 Firmware | 2024-08-02 | 4.7 Medium |
Samsung Mobile Processor Exynos 2200 allows a GPU Use After Free. |