Total
36 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21494 | 1 Samsung | 2 Android, Exynos | 2024-02-04 | N/A | 9.8 CRITICAL |
| Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | |||||
| CVE-2023-21503 | 1 Samsung | 2 Android, Exynos | 2024-02-04 | N/A | 9.8 CRITICAL |
| Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | |||||
| CVE-2023-21517 | 1 Samsung | 1 Exynos | 2024-02-04 | N/A | 9.8 CRITICAL |
| Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. | |||||
| CVE-2022-39902 | 1 Samsung | 2 Exynos, Exynos Firmware | 2024-02-04 | N/A | 7.5 HIGH |
| Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call. | |||||
| CVE-2022-39901 | 1 Samsung | 2 Exynos, Exynos Firmware | 2024-02-04 | N/A | 6.5 MEDIUM |
| Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB. | |||||
| CVE-2023-21455 | 1 Samsung | 2 Exynos, Exynos Firmware | 2024-02-04 | N/A | 9.1 CRITICAL |
| Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message. | |||||
| CVE-2022-39881 | 1 Samsung | 2 Exynos, Exynos Firmware | 2024-02-04 | N/A | 9.1 CRITICAL |
| Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory. | |||||
| CVE-2022-39854 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | N/A | 7.8 HIGH |
| Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory. | |||||
| CVE-2022-25821 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 3.6 LOW | 7.1 HIGH |
| Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read. | |||||
| CVE-2022-23428 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-23432 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-23425 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | |||||
| CVE-2022-23431 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-25819 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory. | |||||
| CVE-2021-25481 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory. | |||||
| CVE-2022-22265 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25488 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read. | |||||
| CVE-2021-25469 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. | |||||
| CVE-2021-25479 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 6.5 MEDIUM | 7.2 HIGH |
| A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25503 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution. | |||||