VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2021-25518MedDec 8, 2021
    risk 0.42cvss 6.4epss 0.00

    An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution.

  • CVE-2021-25516MedDec 8, 2021
    risk 0.42cvss 6.4epss 0.00

    An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations.

  • CVE-2021-25481MedOct 6, 2021
    risk 0.42cvss 6.4epss 0.00

    An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory.

  • CVE-2021-25449MedSep 9, 2021
    risk 0.42cvss 6.5epss 0.00

    An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process.

  • CVE-2021-25427MedJul 8, 2021
    risk 0.42cvss 6.5epss 0.00

    SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information

  • CVE-2021-25416MedJun 11, 2021
    risk 0.42cvss 6.5epss 0.00

    Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area.

  • CVE-2019-20546MedMar 24, 2020
    risk 0.42cvss 6.5epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom Wi-Fi chipsets) software. A denial-of-service attack can leverage a shared interface between Broadcom Bluetooth and Broadcom Wi-Fi. The Samsung ID is SVE-2019-15350 (November 2019).

  • CVE-2020-10845MedMar 24, 2020
    risk 0.42cvss 6.4epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. There is a race condition leading to a use-after-free in MTP. The Samsung ID is SVE-2019-16520 (February 2020).

  • CVE-2020-10844MedMar 24, 2020
    risk 0.42cvss 6.5epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.x), and Q(10.0) software. There is an out-of-bounds read vulnerability in media.audio_policy. The Samsung ID is SVE-2019-16333 (February 2020).

  • CVE-2023-42534MedNov 7, 2023
    risk 0.41cvss 6.3epss 0.00

    Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows local attackers to read arbitrary files with system privilege.

  • CVE-2023-30671MedJul 6, 2023
    risk 0.41cvss 6.3epss 0.00

    Logic error in package installation via adb command prior to SMR Jul-2023 Release 1 allows local attackers to downgrade installed application.

  • CVE-2023-21492MedKEVMay 4, 2023
    risk 0.41cvss 4.4epss 0.03

    Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.

  • CVE-2021-25511MedDec 8, 2021
    risk 0.41cvss 6.3epss 0.00

    An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.

  • CVE-2021-25337MedKEVMar 4, 2021
    risk 0.41cvss 4.4epss 0.03

    Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files.

  • CVE-2024-20806MedJan 4, 2024
    risk 0.40cvss 6.2epss 0.00

    Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data.

  • CVE-2023-42531MedNov 7, 2023
    risk 0.40cvss 6.2epss 0.00

    Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background.

  • CVE-2023-30713MedSep 6, 2023
    risk 0.40cvss 6.2epss 0.00

    Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock.

  • CVE-2023-30662MedJul 6, 2023
    risk 0.40cvss 6.2epss 0.00

    Exposure of Sensitive Information vulnerability in getChipIds in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier.

  • CVE-2023-30661MedJul 6, 2023
    risk 0.40cvss 6.2epss 0.00

    Exposure of Sensitive Information vulnerability in getChipInfos in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier.

  • CVE-2023-30660MedJul 6, 2023
    risk 0.40cvss 6.2epss 0.00

    Exposure of Sensitive Information vulnerability in getDefaultChipId in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier.

Page 14 of 46