mobile devices
CVEs (911)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-10855 | Med | 0.30 | 4.6 | 0.00 | Mar 24, 2020 | An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via AppTray. The Samsung ID is SVE-2019-16192 (January 2020). | ||
| CVE-2024-20820 | Med | 0.29 | 4.4 | 0.00 | Feb 6, 2024 | Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read. | ||
| CVE-2023-30721 | Med | 0.29 | 4.4 | 0.00 | Sep 6, 2023 | Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log. | ||
| CVE-2023-30697 | Med | 0.29 | 4.4 | 0.00 | Aug 10, 2023 | An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | ||
| CVE-2023-30696 | Med | 0.29 | 4.4 | 0.00 | Aug 10, 2023 | An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | ||
| CVE-2023-30681 | Med | 0.29 | 4.4 | 0.00 | Aug 10, 2023 | An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | ||
| CVE-2023-30665 | Med | 0.29 | 4.4 | 0.00 | Jul 6, 2023 | Improper input validation vulnerability in OnOemServiceMode in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds read. | ||
| CVE-2023-21497 | Med | 0.29 | 4.4 | 0.00 | May 4, 2023 | Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address. | ||
| CVE-2023-21488 | Med | 0.29 | 4.4 | 0.00 | May 4, 2023 | Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips. | ||
| CVE-2023-21460 | Med | 0.29 | 4.4 | 0.00 | Mar 16, 2023 | Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting. | ||
| CVE-2023-21435 | Med | 0.29 | 4.4 | 0.00 | Feb 9, 2023 | Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log. | ||
| CVE-2023-21430 | Med | 0.29 | 4.4 | 0.00 | Feb 9, 2023 | An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault. | ||
| CVE-2022-39897 | Med | 0.29 | 4.4 | 0.00 | Dec 8, 2022 | Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log. | ||
| CVE-2022-39853 | Med | 0.29 | 4.4 | 0.00 | Oct 7, 2022 | A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault. | ||
| CVE-2022-36863 | Med | 0.29 | 4.4 | 0.00 | Sep 9, 2022 | A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||
| CVE-2022-36862 | Med | 0.29 | 4.4 | 0.00 | Sep 9, 2022 | A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||
| CVE-2022-36860 | Med | 0.29 | 4.4 | 0.00 | Sep 9, 2022 | A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||
| CVE-2022-36858 | Med | 0.29 | 4.4 | 0.00 | Sep 9, 2022 | A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||
| CVE-2022-36855 | Med | 0.29 | 4.4 | 0.00 | Sep 9, 2022 | A use after free vulnerability in iva_ctl driver prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | ||
| CVE-2022-36846 | Med | 0.29 | 4.4 | 0.00 | Sep 9, 2022 | A heap-based overflow vulnerability in ConstructDictionary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. |
- risk 0.30cvss 4.6epss 0.00
An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via AppTray. The Samsung ID is SVE-2019-16192 (January 2020).
- risk 0.29cvss 4.4epss 0.00
Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read.
- risk 0.29cvss 4.4epss 0.00
Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log.
- risk 0.29cvss 4.4epss 0.00
An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
- risk 0.29cvss 4.4epss 0.00
An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
- risk 0.29cvss 4.4epss 0.00
An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
- risk 0.29cvss 4.4epss 0.00
Improper input validation vulnerability in OnOemServiceMode in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds read.
- risk 0.29cvss 4.4epss 0.00
Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address.
- risk 0.29cvss 4.4epss 0.00
Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips.
- risk 0.29cvss 4.4epss 0.00
Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting.
- risk 0.29cvss 4.4epss 0.00
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log.
- risk 0.29cvss 4.4epss 0.00
An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault.
- risk 0.29cvss 4.4epss 0.00
Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.
- risk 0.29cvss 4.4epss 0.00
A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault.
- risk 0.29cvss 4.4epss 0.00
A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
- risk 0.29cvss 4.4epss 0.00
A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
- risk 0.29cvss 4.4epss 0.00
A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
- risk 0.29cvss 4.4epss 0.00
A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
- risk 0.29cvss 4.4epss 0.00
A use after free vulnerability in iva_ctl driver prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
- risk 0.29cvss 4.4epss 0.00
A heap-based overflow vulnerability in ConstructDictionary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
Page 22 of 46