mobile devices
CVEs (911)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-36861 | Med | 0.38 | 5.9 | 0.00 | Sep 9, 2022 | Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege. | ||
| CVE-2022-33729 | Med | 0.38 | 5.9 | 0.00 | Aug 5, 2022 | Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device. | ||
| CVE-2022-27567 | Med | 0.38 | 5.9 | 0.01 | Apr 11, 2022 | Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers. | ||
| CVE-2022-26099 | Med | 0.38 | 5.9 | 0.01 | Apr 11, 2022 | Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds read by remote attackers. | ||
| CVE-2022-26097 | Med | 0.38 | 5.9 | 0.01 | Apr 11, 2022 | Null pointer dereference vulnerability in parser_unknown_property function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | ||
| CVE-2022-26096 | Med | 0.38 | 5.9 | 0.01 | Apr 11, 2022 | Null pointer dereference vulnerability in parser_ispe function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | ||
| CVE-2022-26095 | Med | 0.38 | 5.9 | 0.01 | Apr 11, 2022 | Null pointer dereference vulnerability in parser_colr function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | ||
| CVE-2022-26094 | Med | 0.38 | 5.9 | 0.01 | Apr 11, 2022 | Null pointer dereference vulnerability in parser_auxC function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | ||
| CVE-2022-26093 | Med | 0.38 | 5.9 | 0.01 | Apr 11, 2022 | Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | ||
| CVE-2022-24928 | Med | 0.38 | 5.9 | 0.00 | Mar 10, 2022 | Security misconfiguration of RKP in kernel prior to SMR Mar-2022 Release 1 allows a system not to be protected by RKP. | ||
| CVE-2021-25482 | Med | 0.38 | 5.9 | 0.00 | Oct 6, 2021 | SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information. | ||
| CVE-2021-25457 | Med | 0.38 | 5.9 | 0.00 | Sep 9, 2021 | An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information. | ||
| CVE-2021-25365 | Med | 0.38 | 5.9 | 0.00 | Apr 9, 2021 | An improper exception control in softsimd prior to SMR APR-2021 Release 1 allows unprivileged applications to access the API in softsimd. | ||
| CVE-2023-30731 | Med | 0.37 | 5.7 | 0.00 | Oct 4, 2023 | Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type. | ||
| CVE-2023-21502 | Med | 0.37 | 5.7 | 0.00 | May 4, 2023 | Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands. | ||
| CVE-2023-21422 | Med | 0.37 | 5.7 | 0.00 | Feb 9, 2023 | Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService. | ||
| CVE-2022-39899 | Med | 0.37 | 5.7 | 0.00 | Dec 8, 2022 | Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture. | ||
| CVE-2022-26091 | Med | 0.37 | 5.7 | 0.00 | Apr 11, 2022 | Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard. | ||
| CVE-2021-25501 | Med | 0.37 | 5.7 | 0.00 | Nov 5, 2021 | An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers. | ||
| CVE-2023-42557 | Med | 0.36 | 5.6 | 0.00 | Dec 5, 2023 | Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code. |
- risk 0.38cvss 5.9epss 0.00
Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege.
- risk 0.38cvss 5.9epss 0.00
Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device.
- risk 0.38cvss 5.9epss 0.01
Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers.
- risk 0.38cvss 5.9epss 0.01
Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds read by remote attackers.
- risk 0.38cvss 5.9epss 0.01
Null pointer dereference vulnerability in parser_unknown_property function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
- risk 0.38cvss 5.9epss 0.01
Null pointer dereference vulnerability in parser_ispe function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
- risk 0.38cvss 5.9epss 0.01
Null pointer dereference vulnerability in parser_colr function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
- risk 0.38cvss 5.9epss 0.01
Null pointer dereference vulnerability in parser_auxC function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
- risk 0.38cvss 5.9epss 0.01
Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
- risk 0.38cvss 5.9epss 0.00
Security misconfiguration of RKP in kernel prior to SMR Mar-2022 Release 1 allows a system not to be protected by RKP.
- risk 0.38cvss 5.9epss 0.00
SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information.
- risk 0.38cvss 5.9epss 0.00
An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information.
- risk 0.38cvss 5.9epss 0.00
An improper exception control in softsimd prior to SMR APR-2021 Release 1 allows unprivileged applications to access the API in softsimd.
- risk 0.37cvss 5.7epss 0.00
Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type.
- risk 0.37cvss 5.7epss 0.00
Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands.
- risk 0.37cvss 5.7epss 0.00
Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.
- risk 0.37cvss 5.7epss 0.00
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture.
- risk 0.37cvss 5.7epss 0.00
Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard.
- risk 0.37cvss 5.7epss 0.00
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers.
- risk 0.36cvss 5.6epss 0.00
Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code.
Page 17 of 46