VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2019-20601HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos7570, 7580, 7870, 7880, and 8890 chipsets) software. RKP memory corruption causes an arbitrary write to protected memory. The Samsung ID is SVE-2019-13921-2 (May 2019).

  • CVE-2019-20570HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0), O(8.0), and N(7.1) software. Attackers can bypass Factory Reset Protection (FRP) via Smart Switch. The Samsung ID is SVE-2019-15138 (September 2019).

  • CVE-2019-20565HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) software. Attackers can change the USB configuration without authentication. The Samsung ID is SVE-2018-13300 (September 2019).

  • CVE-2019-20552HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via an RCS call. The Samsung ID is SVE-2019-15035 (October 2019).

  • CVE-2019-20551HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via a Class 0 Type Message. The Samsung ID is SVE-2019-14941 (October 2019).

  • CVE-2020-10854HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 (January 2020).

  • CVE-2023-42560HigDec 5, 2023
    risk 0.48cvss 7.4epss 0.00

    Heap out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so prior to SMR Dec-2023 Release 1 allows an attacker to execute arbitrary code.

  • CVE-2022-26092HigApr 11, 2022
    risk 0.48cvss 7.4epss 0.00

    Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows arbitrary code execution.

  • CVE-2023-42568HigDec 5, 2023
    risk 0.47cvss 7.3epss 0.00

    Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local attackers to access arbitrary files with system privilege.

  • CVE-2023-42567HigDec 5, 2023
    risk 0.47cvss 7.3epss 0.00

    Improper size check vulnerability in softsimd prior to SMR Dec-2023 Release 1 allows stack-based buffer overflow.

  • CVE-2023-42566HigDec 5, 2023
    risk 0.47cvss 7.3epss 0.00

    Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code.

  • CVE-2023-42565HigDec 5, 2023
    risk 0.47cvss 7.3epss 0.00

    Improper input validation vulnerability in Smart Clip prior to SMR Dec-2023 Release 1 allows local attackers with shell privilege to execute arbitrary code.

  • CVE-2023-21420HigFeb 9, 2023
    risk 0.47cvss 7.3epss 0.00

    Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution.

  • CVE-2022-30755HigJul 12, 2022
    risk 0.47cvss 7.3epss 0.00

    Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent.

  • CVE-2021-25500HigNov 5, 2021
    risk 0.47cvss 7.2epss 0.00

    A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise.

  • CVE-2021-25479HigOct 6, 2021
    risk 0.47cvss 7.2epss 0.01

    A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.

  • CVE-2021-25478HigOct 6, 2021
    risk 0.47cvss 7.2epss 0.01

    A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.

  • CVE-2018-21071HigApr 8, 2020
    risk 0.47cvss 7.3epss 0.00

    An issue was discovered on Samsung mobile devices with M(6.0) software. Because of an unprotected intent, an attacker can read arbitrary files and emails, and take over an email account. The Samsung ID is SVE-2018-11633 (May 2018).

  • CVE-2023-42561HigDec 5, 2023
    risk 0.46cvss 7.1epss 0.00

    Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code.

  • CVE-2023-21489HigMay 4, 2023
    risk 0.46cvss 7.1epss 0.00

    Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code.

Page 10 of 46