VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2022-39847MedOct 7, 2022
    risk 0.32cvss 4.9epss 0.00

    Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions.

  • CVE-2022-36849MedSep 9, 2022
    risk 0.32cvss 4.9epss 0.00

    Use after free vulnerability in sdp_mm_set_process_sensitive function of sdpmm driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.

  • CVE-2022-36847MedSep 9, 2022
    risk 0.32cvss 4.9epss 0.00

    Use after free vulnerability in mtp_send_signal function of MTP driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.

  • CVE-2023-30720MedSep 6, 2023
    risk 0.31cvss 4.7epss 0.00

    PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access.

  • CVE-2023-30701MedAug 10, 2023
    risk 0.31cvss 4.7epss 0.00

    PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access.

  • CVE-2023-21490MedMay 4, 2023
    risk 0.31cvss 4.7epss 0.00

    Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager.

  • CVE-2022-33727MedAug 5, 2022
    risk 0.31cvss 4.8epss 0.00

    A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack.

  • CVE-2022-33723MedAug 5, 2022
    risk 0.31cvss 4.8epss 0.00

    A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack.

  • CVE-2024-20802MedJan 4, 2024
    risk 0.30cvss 4.6epss 0.00

    Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users' notification in a multi-user environment.

  • CVE-2023-30714MedSep 6, 2023
    risk 0.30cvss 4.6epss 0.00

    Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock.

  • CVE-2023-30708MedSep 6, 2023
    risk 0.30cvss 4.6epss 0.01

    Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status.

  • CVE-2022-39900MedDec 8, 2022
    risk 0.30cvss 4.6epss 0.00

    Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch.

  • CVE-2022-28782MedMay 3, 2022
    risk 0.30cvss 4.6epss 0.00

    Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability.

  • CVE-2018-21080MedApr 8, 2020
    risk 0.30cvss 4.6epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x) software. A physically proximate attacker wielding a magnet can activate NFC to bypass the lockscreen. The Samsung ID is SVE-2017-10897 (March 2018).

  • CVE-2018-21062MedApr 8, 2020
    risk 0.30cvss 4.6epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. When biometric authentication is disabled, an attacker can view Streams content (e.g., a Gallery slideshow) of a locked Secure Folder via a connection to an external device. The Samsung ID is…

  • CVE-2018-21053MedApr 8, 2020
    risk 0.30cvss 4.6epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is Clipboard access in the lockscreen state via a physical keyboard. The Samsung ID is SVE-2018-12684 (October 2018).

  • CVE-2016-11040MedApr 7, 2020
    risk 0.30cvss 4.6epss 0.00

    An issue was discovered on Samsung mobile devices with L(5.0/5.1) (with USB OTG MyFile2014_L_ESS support) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2015-5068 (June 2016).

  • CVE-2016-11053MedApr 7, 2020
    risk 0.30cvss 4.6epss 0.00

    An issue was discovered on Samsung mobile devices with software through 2015-11-11 (supporting FRP/RL). There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2015-5131 (January 2016).

  • CVE-2016-11048MedApr 7, 2020
    risk 0.30cvss 4.6epss 0.00

    An issue was discovered on Samsung mobile devices with L(5.0/5.1) (Spreadtrum or Marvell chipsets) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2016-5421 (March 2016).

  • CVE-2019-20557MedMar 24, 2020
    risk 0.30cvss 4.6epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via a SIM card by blocking the PUK code. The Samsung ID is SVE-2019-15262 (October 2019).

Page 21 of 46