Total
220 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21456 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid. | |||||
| CVE-2023-21436 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 3.3 LOW |
| Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. | |||||
| CVE-2023-21422 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService. | |||||
| CVE-2023-21423 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action. | |||||
| CVE-2023-21452 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 3.3 LOW |
| Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device. | |||||
| CVE-2023-21430 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2023-21435 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log. | |||||
| CVE-2023-21428 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 3.3 LOW |
| Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code. | |||||
| CVE-2023-21449 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission. | |||||
| CVE-2023-21457 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 8.1 HIGH |
| Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission. | |||||
| CVE-2023-21421 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN. | |||||
| CVE-2023-21420 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. | |||||
| CVE-2023-21446 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles. | |||||
| CVE-2023-21442 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information. | |||||
| CVE-2023-21429 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 3.3 LOW |
| Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID. | |||||
| CVE-2023-21437 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast. | |||||
| CVE-2023-21445 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent. | |||||
| CVE-2023-21460 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 4.4 MEDIUM |
| Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting. | |||||
| CVE-2023-21451 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions. | |||||
| CVE-2023-21453 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data. | |||||