mobile devices
CVEs (911)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-39914 | Med | 0.26 | 4.0 | 0.00 | Dec 8, 2022 | Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information. | ||
| CVE-2022-39905 | Med | 0.26 | 4.0 | 0.00 | Dec 8, 2022 | Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent. | ||
| CVE-2022-39903 | Med | 0.26 | 4.0 | 0.00 | Dec 8, 2022 | Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number. | ||
| CVE-2022-39898 | Med | 0.26 | 4.0 | 0.00 | Dec 8, 2022 | Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim. | ||
| CVE-2022-39896 | Med | 0.26 | 4.0 | 0.00 | Dec 8, 2022 | Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. | ||
| CVE-2022-39895 | Med | 0.26 | 4.0 | 0.00 | Dec 8, 2022 | Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent. | ||
| CVE-2022-39894 | Med | 0.26 | 4.0 | 0.00 | Dec 8, 2022 | Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. | ||
| CVE-2022-39883 | Med | 0.26 | 4.0 | 0.00 | Nov 9, 2022 | Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API. | ||
| CVE-2022-39856 | Med | 0.26 | 4.0 | 0.00 | Oct 7, 2022 | Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information. | ||
| CVE-2022-39851 | Med | 0.26 | 4.0 | 0.00 | Oct 7, 2022 | Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission. | ||
| CVE-2022-39848 | Med | 0.26 | 4.0 | 0.00 | Oct 7, 2022 | Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log. | ||
| CVE-2022-36856 | Med | 0.26 | 4.0 | 0.00 | Sep 9, 2022 | Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined permission. | ||
| CVE-2022-36854 | Med | 0.26 | 4.0 | 0.00 | Sep 9, 2022 | Out of bound read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows attacker access unauthorized information. | ||
| CVE-2022-36850 | Med | 0.26 | 4.0 | 0.00 | Sep 9, 2022 | Path traversal vulnerability in CallBGProvider prior to SMR Sep-2022 Release 1 allows attacker to overwrite arbitrary file with phone uid. | ||
| CVE-2022-33728 | Med | 0.26 | 4.0 | 0.00 | Aug 5, 2022 | Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal. | ||
| CVE-2022-33725 | Med | 0.26 | 4.0 | 0.00 | Aug 5, 2022 | A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege. | ||
| CVE-2022-33722 | Med | 0.26 | 4.0 | 0.00 | Aug 5, 2022 | Implicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows attacker to access connected device MAC address. | ||
| CVE-2022-33696 | Med | 0.26 | 4.0 | 0.00 | Jul 12, 2022 | Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. | ||
| CVE-2022-33694 | Med | 0.26 | 4.0 | 0.00 | Jul 12, 2022 | Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting. | ||
| CVE-2022-33692 | Med | 0.26 | 4.0 | 0.00 | Jul 12, 2022 | Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. |
- risk 0.26cvss 4.0epss 0.00
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information.
- risk 0.26cvss 4.0epss 0.00
Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
- risk 0.26cvss 4.0epss 0.00
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission.
- risk 0.26cvss 4.0epss 0.00
Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log.
- risk 0.26cvss 4.0epss 0.00
Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined permission.
- risk 0.26cvss 4.0epss 0.00
Out of bound read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows attacker access unauthorized information.
- risk 0.26cvss 4.0epss 0.00
Path traversal vulnerability in CallBGProvider prior to SMR Sep-2022 Release 1 allows attacker to overwrite arbitrary file with phone uid.
- risk 0.26cvss 4.0epss 0.00
Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal.
- risk 0.26cvss 4.0epss 0.00
A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege.
- risk 0.26cvss 4.0epss 0.00
Implicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows attacker to access connected device MAC address.
- risk 0.26cvss 4.0epss 0.00
Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.
- risk 0.26cvss 4.0epss 0.00
Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting.
- risk 0.26cvss 4.0epss 0.00
Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.
Page 26 of 46