Total
18 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-49928 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-08-01 | N/A | 7.5 HIGH |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specified by the RRC. This can lead to disclosure of sensitive information. | |||||
CVE-2023-49927 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-08-01 | N/A | 5.3 MEDIUM |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption. | |||||
CVE-2023-50804 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-06-27 | N/A | 5.3 MEDIUM |
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the NAS (Non-Access-Stratum) module. This can lead to bypass of authentication. | |||||
CVE-2023-50803 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-06-25 | N/A | 5.3 MEDIUM |
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service. | |||||
CVE-2023-42483 | 1 Samsung | 14 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 11 more | 2024-02-05 | N/A | 4.7 MEDIUM |
A TOCTOU race condition in Samsung Mobile Processor Exynos 9820, Exynos 980, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, and Exynos 1380 can cause unexpected termination of a system. | |||||
CVE-2023-45864 | 1 Samsung | 14 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 11 more | 2024-02-05 | N/A | 4.7 MEDIUM |
A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas. | |||||
CVE-2021-25500 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-02-04 | 2.1 LOW | 4.4 MEDIUM |
A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise. | |||||
CVE-2021-25416 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2024-02-04 | 2.1 LOW | 6.5 MEDIUM |
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area. | |||||
CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | |||||
CVE-2021-25411 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2024-02-04 | 2.1 LOW | 4.4 MEDIUM |
Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory. | |||||
CVE-2021-25407 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. | |||||
CVE-2021-25415 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable. | |||||
CVE-2021-25396 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. | |||||
CVE-2020-28343 | 2 Google, Samsung | 4 Android, Exynos 980, Exynos 9820 and 1 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020). | |||||
CVE-2019-20578 | 2 Google, Samsung | 2 Android, Exynos 9820 | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on Samsung mobile devices with P(9.0) (Exynos 9820 chipsets) software. A Buffer overflow occurs when loading the UH Partition during Secure Boot. The Samsung ID is SVE-2019-14412 (August 2019). | |||||
CVE-2019-20556 | 3 Google, Qualcomm, Samsung | 7 Android, Sm6150, Sm8150 and 4 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. RKP memory corruption allows attackers to control the effective address in EL2. The Samsung ID is SVE-2019-15221 (October 2019). | |||||
CVE-2018-21054 | 5 Google, Mediatek, Qualcomm and 2 more | 14 Android, M6737t, Msm8909 and 11 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018). | |||||
CVE-2019-20553 | 3 Google, Qualcomm, Samsung | 7 Android, Sm6150, Sm8150 and 4 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 (October 2019). |