VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2022-33690MedJul 12, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file.

  • CVE-2022-33685MedJul 12, 2022
    risk 0.26cvss 4.0epss 0.00

    Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information.

  • CVE-2022-30758MedJul 12, 2022
    risk 0.26cvss 4.0epss 0.00

    Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder.

  • CVE-2022-30757MedJul 12, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain CID without ACCESS_FINE_LOCATION permission.

  • CVE-2022-30725MedJun 7, 2022
    risk 0.26cvss 4.0epss 0.00

    Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionError function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

  • CVE-2022-30724MedJun 7, 2022
    risk 0.26cvss 4.0epss 0.00

    Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionCompleted function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

  • CVE-2022-30723MedJun 7, 2022
    risk 0.26cvss 4.0epss 0.00

    Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

  • CVE-2022-30717MedJun 7, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink.

  • CVE-2022-30716MedJun 7, 2022
    risk 0.26cvss 4.0epss 0.00

    Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1 allows untrusted applications to access toast message information from device.

  • CVE-2022-30715MedJun 7, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.

  • CVE-2022-28788MedMay 3, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

  • CVE-2022-28787MedMay 3, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper buffer size check logic in wmfextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

  • CVE-2022-28786MedMay 3, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

  • CVE-2022-28785MedMay 3, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

  • CVE-2022-28784MedMay 3, 2022
    risk 0.26cvss 4.0epss 0.00

    Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. The patch addresses incorrect implementation of file path validation check logic.

  • CVE-2022-27832MedApr 11, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file.

  • CVE-2022-27825MedApr 11, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper size check in sapefd_parse_meta_HEADER function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.

  • CVE-2022-27824MedApr 11, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper size check of in sapefd_parse_meta_DESCRIPTION function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file

  • CVE-2022-27823MedApr 11, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper size check in sapefd_parse_meta_HEADER_old function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.

  • CVE-2022-27821MedApr 11, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via crafted image file.

Page 27 of 46