VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2022-39880HigNov 9, 2022
    risk 0.46cvss 7.1epss 0.00

    Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022 Release 1 allows local attacker to perform an arbitrary code execution.

  • CVE-2022-22292HigFeb 11, 2022
    risk 0.46cvss 7.1epss 0.00

    Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity.

  • CVE-2021-25410HigJun 11, 2021
    risk 0.46cvss 7.1epss 0.00

    Improper access control of a component in CallBGProvider prior to SMR JUN-2021 Release 1 allows local attackers to access arbitrary files with an escalated privilege.

  • CVE-2021-25388HigJun 11, 2021
    risk 0.46cvss 7.1epss 0.00

    Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app.

  • CVE-2021-25356HigApr 9, 2021
    risk 0.46cvss 7.1epss 0.00

    An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application.

  • CVE-2021-30162HigApr 6, 2021
    risk 0.46cvss 7.1epss 0.00

    An issue was discovered on LG mobile devices with Android OS 4.4 through 11 software. Attackers can leverage ISMS services to bypass access control on specific content providers. The LG ID is LVE-SMP-210003 (April 2021).

  • CVE-2021-25346HigMar 4, 2021
    risk 0.46cvss 7.1epss 0.01

    A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution.

  • CVE-2017-18680HigApr 7, 2020
    risk 0.46cvss 7.1epss 0.00

    An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) (tablets) software. The lockscreen interface allows Add User actions, leading to an unintended ability to access user data in external storage. The Samsung ID is SVE-2016-7797 (March 2017).

  • CVE-2020-10840HigMar 24, 2020
    risk 0.46cvss 7.1epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 9610 chipsets) software. There is a kernel pointer leak in the vipx driver. The Samsung ID is SVE-2019-16293 (February 2020).

  • CVE-2022-39908MedDec 8, 2022
    risk 0.45cvss 6.9epss 0.00

    TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.

  • CVE-2022-39907MedDec 8, 2022
    risk 0.45cvss 6.9epss 0.00

    Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.

  • CVE-2022-22265MedKEVJan 10, 2022
    risk 0.45cvss 5.0epss 0.00

    An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution.

  • CVE-2024-20803MedJan 4, 2024
    risk 0.44cvss 6.8epss 0.00

    Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.

  • CVE-2023-42563MedDec 5, 2023
    risk 0.44cvss 6.7epss 0.00

    Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow.

  • CVE-2023-42562MedDec 5, 2023
    risk 0.44cvss 6.7epss 0.00

    Integer overflow vulnerability in detectionFindFaceSupportMultiInstance of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow.

  • CVE-2023-42530MedNov 7, 2023
    risk 0.44cvss 6.7epss 0.00

    Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction.

  • CVE-2023-42529MedNov 7, 2023
    risk 0.44cvss 6.7epss 0.00

    Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code.

  • CVE-2023-42528MedNov 7, 2023
    risk 0.44cvss 6.7epss 0.00

    Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.

  • CVE-2023-30739MedNov 7, 2023
    risk 0.44cvss 6.7epss 0.00

    Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.

  • CVE-2023-30727MedOct 4, 2023
    risk 0.44cvss 6.7epss 0.00

    Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction.

Page 11 of 46