VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2023-30659MedJul 6, 2023
    risk 0.40cvss 6.2epss 0.00

    Improper input validation vulnerability in Transaction prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

  • CVE-2023-30657MedJul 6, 2023
    risk 0.40cvss 6.2epss 0.00

    Improper input validation vulnerability in EnhancedAttestationResult prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

  • CVE-2023-30642MedJul 6, 2023
    risk 0.40cvss 6.2epss 0.00

    Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call privilege function.

  • CVE-2023-21513MedJun 28, 2023
    risk 0.40cvss 6.1epss 0.00

    Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition.

  • CVE-2023-21496MedMay 4, 2023
    risk 0.40cvss 6.1epss 0.00

    Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level.

  • CVE-2023-21458MedMar 16, 2023
    risk 0.40cvss 6.2epss 0.00

    Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent.

  • CVE-2023-21440MedFeb 9, 2023
    risk 0.40cvss 6.2epss 0.00

    Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture.

  • CVE-2022-39912MedDec 8, 2022
    risk 0.40cvss 6.2epss 0.00

    Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder.

  • CVE-2022-33732MedAug 5, 2022
    risk 0.40cvss 6.2epss 0.00

    Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call.

  • CVE-2022-33718MedAug 5, 2022
    risk 0.40cvss 6.2epss 0.00

    An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data.

  • CVE-2022-33714MedAug 5, 2022
    risk 0.40cvss 6.2epss 0.00

    Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot.

  • CVE-2022-33702MedJul 12, 2022
    risk 0.40cvss 6.2epss 0.00

    Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset.

  • CVE-2022-33691MedJul 12, 2022
    risk 0.40cvss 6.2epss 0.00

    A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations.

  • CVE-2022-33689MedJul 12, 2022
    risk 0.40cvss 6.2epss 0.00

    Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call.

  • CVE-2022-30727MedJun 7, 2022
    risk 0.40cvss 6.2epss 0.00

    Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in PersonaManagerService prior to SMR Jun-2022 Release 1 allows local attackers to set some setting value in work space.

  • CVE-2022-30726MedJun 7, 2022
    risk 0.40cvss 6.2epss 0.00

    Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to SMR Jun-2022 Release 1 allows local attackers to launch activities of SecSettingsIntelligence.

  • CVE-2022-30722MedJun 7, 2022
    risk 0.40cvss 6.2epss 0.00

    Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account.

  • CVE-2022-28783MedMay 3, 2022
    risk 0.40cvss 6.2epss 0.00

    Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to uninstall arbitrary packages without permission. The patch adds proper validation logic for removing package name.

  • CVE-2022-22268MedJan 10, 2022
    risk 0.40cvss 6.1epss 0.00

    Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode.

  • CVE-2021-25512MedDec 8, 2021
    risk 0.40cvss 6.1epss 0.00

    An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.

Page 15 of 46