VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2022-25816MedMar 10, 2022
    risk 0.27cvss 4.1epss 0.00

    Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1 allows attacker to change enable/disable without authentication

  • CVE-2022-24932MedMar 10, 2022
    risk 0.27cvss 4.2epss 0.00

    Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard.

  • CVE-2022-24929MedMar 10, 2022
    risk 0.27cvss 4.1epss 0.00

    Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the list of locked app without authentication.

  • CVE-2021-25476MedOct 6, 2021
    risk 0.27cvss 4.1epss 0.00

    An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.

  • CVE-2024-20814MedFeb 6, 2024
    risk 0.26cvss 4.0epss 0.00

    Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information.

  • CVE-2024-20804MedJan 4, 2024
    risk 0.26cvss 4.0epss 0.00

    Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.

  • CVE-2023-42569MedDec 5, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji.

  • CVE-2023-30719MedSep 6, 2023
    risk 0.26cvss 4.0epss 0.00

    Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data.

  • CVE-2023-30718MedSep 6, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting.

  • CVE-2023-30717MedSep 6, 2023
    risk 0.26cvss 4.0epss 0.00

    Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers.

  • CVE-2023-30716MedSep 6, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands.

  • CVE-2023-30715MedSep 6, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.

  • CVE-2023-30711MedSep 6, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider.

  • CVE-2023-30707MedSep 6, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege.

  • CVE-2023-21495MedMay 4, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set.

  • CVE-2023-21461MedMar 16, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity.

  • CVE-2023-21449MedMar 16, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission.

  • CVE-2023-21437MedFeb 9, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast.

  • CVE-2023-21429MedFeb 9, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID.

  • CVE-2023-21428MedFeb 9, 2023
    risk 0.26cvss 4.0epss 0.00

    Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.

Page 25 of 46