VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2017-18659MedApr 7, 2020
    risk 0.34cvss 5.3epss 0.00

    An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 (July 2017).

  • CVE-2017-18656MedApr 7, 2020
    risk 0.34cvss 5.3epss 0.00

    An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer over-read in a trustlet. The Samsung ID is SVE-2017-8890 (August 2017).

  • CVE-2019-20547MedMar 24, 2020
    risk 0.34cvss 5.3epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) software. Data may leak via a Bluetooth debug command. The Samsung ID is SVE-2019-15398 (November 2019).

  • CVE-2024-20811MedFeb 6, 2024
    risk 0.33cvss 5.1epss 0.00

    Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer.

  • CVE-2023-30667MedJul 6, 2023
    risk 0.33cvss 5.1epss 0.00

    Improper access control in Audio system service prior to SMR Jul-2023 Release 1 allows attacker to send broadcast with system privilege.

  • CVE-2023-21487MedMay 4, 2023
    risk 0.33cvss 5.1epss 0.00

    Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting.

  • CVE-2023-21484MedMay 4, 2023
    risk 0.33cvss 5.1epss 0.00

    Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.

  • CVE-2023-21459MedMar 16, 2023
    risk 0.33cvss 5.0epss 0.00

    Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault.

  • CVE-2023-21424MedFeb 9, 2023
    risk 0.33cvss 5.1epss 0.00

    Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand.

  • CVE-2023-21423MedFeb 9, 2023
    risk 0.33cvss 5.1epss 0.00

    Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.

  • CVE-2022-39855MedOct 7, 2022
    risk 0.33cvss 5.1epss 0.00

    Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth devices.

  • CVE-2022-36848MedSep 9, 2022
    risk 0.33cvss 5.1epss 0.00

    Improper Authorization vulnerability in setDualDARPolicyCmd prior to SMR Sep-2022 Release 1 allows local attackers to cause local permanent denial of service.

  • CVE-2022-33731MedAug 5, 2022
    risk 0.33cvss 5.1epss 0.00

    Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components.

  • CVE-2022-33695MedJul 12, 2022
    risk 0.33cvss 5.1epss 0.00

    Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service.

  • CVE-2022-28780MedMay 3, 2022
    risk 0.33cvss 5.0epss 0.00

    Improper access control vulnerability in Weather prior to SMR May-2022 Release 1 allows that attackers can access location information that set in Weather without permission. The patch adds proper protection to prevent access to location information.

  • CVE-2021-25503MedNov 5, 2021
    risk 0.33cvss 5.0epss 0.00

    Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution.

  • CVE-2021-25489LowKEVOct 6, 2021
    risk 0.33cvss 3.3epss 0.01

    Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.

  • CVE-2021-25453MedSep 9, 2021
    risk 0.33cvss 5.1epss 0.00

    Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information.

  • CVE-2021-25340MedMar 4, 2021
    risk 0.33cvss 5.1epss 0.00

    Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State.

  • CVE-2023-42559MedDec 5, 2023
    risk 0.32cvss 4.9epss 0.00

    Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time.

Page 20 of 46