VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2020-15580MedJul 7, 2020
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) by enrolling a new lock password. The Samsung ID is SVE-2020-17328 (July 2020).

  • CVE-2020-13843MedJun 5, 2020
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered on LG mobile devices with Android OS software before 2020-06-01. Local users can cause a denial of service because checking of the userdata partition is mishandled. The LG ID is LVE-SMP-200014 (June 2020).

  • CVE-2019-20784MedApr 17, 2020
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (MTK chipsets) software. Interaction of GPS with 911 emergency calls is mishandled. The LG ID is LVE-SMP-180012 (January 2019).

  • CVE-2017-18672MedApr 7, 2020
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Because of incorrect exception handling for Intents, a local attacker can force a reboot within framework.jar. The Samsung ID is SVE-2017-8390 (May 2017).

  • CVE-2023-21427MedFeb 9, 2023
    risk 0.35cvss 5.4epss 0.00

    Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition.

  • CVE-2022-39881MedNov 9, 2022
    risk 0.35cvss 5.3epss 0.01

    Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory.

  • CVE-2019-20575MedMar 24, 2020
    risk 0.35cvss 5.4epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) software. The WPA3 handshake feature allows a downgrade or dictionary attack. The Samsung ID is SVE-2019-14204 (August 2019).

  • CVE-2023-30700MedAug 10, 2023
    risk 0.34cvss 5.3epss 0.00

    PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission.

  • CVE-2023-30666MedJul 6, 2023
    risk 0.34cvss 5.3epss 0.00

    Improper input validation vulnerability in DoOemImeiSetPreconfig in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.

  • CVE-2023-30663MedJul 6, 2023
    risk 0.34cvss 5.3epss 0.00

    Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.

  • CVE-2023-21486MedMay 4, 2023
    risk 0.34cvss 5.3epss 0.00

    Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.

  • CVE-2023-21485MedMay 4, 2023
    risk 0.34cvss 5.3epss 0.00

    Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.

  • CVE-2022-39862MedOct 7, 2022
    risk 0.34cvss 5.3epss 0.01

    Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api.

  • CVE-2022-33715MedAug 5, 2022
    risk 0.34cvss 5.3epss 0.00

    Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI.

  • CVE-2022-23429MedFeb 11, 2022
    risk 0.34cvss 5.3epss 0.00

    An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash.

  • CVE-2021-25510MedDec 8, 2021
    risk 0.34cvss 5.3epss 0.00

    An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution.

  • CVE-2021-25467MedOct 6, 2021
    risk 0.34cvss 5.3epss 0.00

    Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library.

  • CVE-2021-25443MedAug 5, 2021
    risk 0.34cvss 5.3epss 0.00

    A use after free vulnerability in conn_gadget driver prior to SMR AUG-2021 Release 1 allows malicious action by an attacker.

  • CVE-2021-25347MedMar 4, 2021
    risk 0.34cvss 5.3epss 0.00

    Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed.

  • CVE-2020-15581MedJul 7, 2020
    risk 0.34cvss 5.3epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The kernel logging feature allows attackers to discover virtual addresses via vectors involving shared memory. The Samsung ID is SVE-2020-17605 (July 2020).

Page 19 of 46