Filtered by vendor Samsung
Subscriptions
Total
1082 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-21453 | 1 Samsung | 1 Android | 2024-08-02 | 6 Medium |
Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data. | ||||
CVE-2023-21446 | 1 Samsung | 1 Android | 2024-08-02 | 6.2 Medium |
Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles. | ||||
CVE-2023-21494 | 1 Samsung | 2 Android, Exynos | 2024-08-02 | 5.6 Medium |
Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | ||||
CVE-2023-21447 | 1 Samsung | 1 Cloud | 2024-08-02 | 4 Medium |
Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent. | ||||
CVE-2023-21451 | 1 Samsung | 1 Android | 2024-08-02 | 6.7 Medium |
A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions. | ||||
CVE-2023-21462 | 2 Google, Samsung | 2 Android, Quick Share | 2024-08-02 | 4.2 Medium |
The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission. | ||||
CVE-2023-21442 | 1 Samsung | 1 Android | 2024-08-02 | 4 Medium |
Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information. | ||||
CVE-2023-21486 | 1 Samsung | 1 Android | 2024-08-02 | 5.3 Medium |
Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. | ||||
CVE-2023-21436 | 1 Samsung | 1 Android | 2024-08-02 | 3.3 Low |
Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. | ||||
CVE-2023-21431 | 1 Samsung | 1 Bixby Vision | 2024-08-02 | 3.3 Low |
Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision. | ||||
CVE-2023-21487 | 1 Samsung | 1 Android | 2024-08-02 | 5.1 Medium |
Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting. | ||||
CVE-2023-21464 | 2 Google, Samsung | 2 Android, Calendar | 2024-08-02 | 4 Medium |
Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status. | ||||
CVE-2023-21423 | 1 Samsung | 1 Android | 2024-08-02 | 5.1 Medium |
Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action. | ||||
CVE-2023-21435 | 1 Samsung | 1 Android | 2024-08-02 | 4.4 Medium |
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log. | ||||
CVE-2023-21440 | 1 Samsung | 1 Android | 2024-08-02 | 6.2 Medium |
Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture. | ||||
CVE-2023-21429 | 1 Samsung | 1 Android | 2024-08-02 | 4 Medium |
Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID. | ||||
CVE-2023-21422 | 1 Samsung | 1 Android | 2024-08-02 | 5.7 Medium |
Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService. | ||||
CVE-2023-21425 | 1 Samsung | 1 Android | 2024-08-02 | 4.3 Medium |
Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information. | ||||
CVE-2023-21433 | 1 Samsung | 1 Galaxy Store | 2024-08-02 | 7.8 High |
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. | ||||
CVE-2023-21444 | 1 Samsung | 1 Flow | 2024-08-02 | 7.5 High |
Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands. |