Filtered by vendor Samsung
Subscriptions
Filtered by product Android
Subscriptions
Total
239 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-30654 | 1 Samsung | 1 Android | 2024-08-02 | 6.7 Medium |
Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location. | ||||
CVE-2023-30642 | 1 Samsung | 1 Android | 2024-08-02 | 6.2 Medium |
Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call privilege function. | ||||
CVE-2023-30640 | 1 Samsung | 1 Android | 2024-08-02 | 4.3 Medium |
Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1 allows local attackers to change confiugration. | ||||
CVE-2023-21512 | 1 Samsung | 1 Android | 2024-08-02 | 2.4 Low |
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission. | ||||
CVE-2023-21500 | 1 Samsung | 1 Android | 2024-08-02 | 6 Medium |
Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory. | ||||
CVE-2023-21498 | 1 Samsung | 1 Android | 2024-08-02 | 6 Medium |
Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory. | ||||
CVE-2023-21504 | 1 Samsung | 1 Android | 2024-08-02 | 5.6 Medium |
Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | ||||
CVE-2023-21503 | 1 Samsung | 2 Android, Exynos | 2024-08-02 | 5.6 Medium |
Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | ||||
CVE-2023-21497 | 1 Samsung | 1 Android | 2024-08-02 | 4.4 Medium |
Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address. | ||||
CVE-2023-21501 | 1 Samsung | 1 Android | 2024-08-02 | 8.2 High |
Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. | ||||
CVE-2023-21513 | 1 Samsung | 1 Android | 2024-08-02 | 6.1 Medium |
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition. | ||||
CVE-2023-21502 | 1 Samsung | 1 Android | 2024-08-02 | 5.7 Medium |
Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands. | ||||
CVE-2023-21499 | 1 Samsung | 1 Android | 2024-08-02 | 8.2 High |
Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. | ||||
CVE-2023-21489 | 1 Samsung | 1 Android | 2024-08-02 | 7.1 High |
Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code. | ||||
CVE-2023-21496 | 1 Samsung | 1 Android | 2024-08-02 | 6.1 Medium |
Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level. | ||||
CVE-2023-21492 | 1 Samsung | 1 Android | 2024-08-02 | 4.4 Medium |
Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | ||||
CVE-2023-21458 | 1 Samsung | 1 Android | 2024-08-02 | 6.2 Medium |
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent. | ||||
CVE-2023-21426 | 1 Samsung | 1 Android | 2024-08-02 | 4.3 Medium |
Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN. | ||||
CVE-2023-21449 | 1 Samsung | 1 Android | 2024-08-02 | 4 Medium |
Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission. | ||||
CVE-2023-21488 | 1 Samsung | 1 Android | 2024-08-02 | 4.4 Medium |
Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips. |