Total
220 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21498 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory. | |||||
| CVE-2023-30656 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in LSOItemData prior to SMR Jul-2023 Release 1 allows attackers to launch certain activities. | |||||
| CVE-2023-30642 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call privilege function. | |||||
| CVE-2023-30663 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write. | |||||
| CVE-2023-30646 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Heap out of bound write vulnerability in BroadcastSmsConfig of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
| CVE-2023-30652 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Out of bounds read and write in callrunTspCmdNoRead of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
| CVE-2023-30655 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in SCEPProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-30644 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Stack out of bound write vulnerability in CdmaSmsParser of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
| CVE-2023-21461 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity. | |||||
| CVE-2023-21440 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture. | |||||
| CVE-2023-21454 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 2.4 LOW |
| Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen. | |||||
| CVE-2023-21426 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN. | |||||
| CVE-2023-21425 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information. | |||||
| CVE-2023-21438 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 2.4 LOW |
| Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder. | |||||
| CVE-2023-21424 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 3.3 LOW |
| Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand. | |||||
| CVE-2023-21441 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(11) and 3.5.2.23 in Android S(12) allows local attacker to access protected files via unused code. | |||||
| CVE-2023-21458 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 3.3 LOW |
| Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent. | |||||
| CVE-2023-21427 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 6.5 MEDIUM |
| Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition. | |||||
| CVE-2023-21439 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain activities. | |||||
| CVE-2023-21459 | 1 Samsung | 2 Android, Exynos 2100 | 2024-02-04 | N/A | 9.8 CRITICAL |
| Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault. | |||||