VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2022-25832MedApr 11, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication.

  • CVE-2022-25822MedMar 10, 2022
    risk 0.26cvss 4.0epss 0.00

    An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash.

  • CVE-2022-25817MedMar 10, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to generate pinned-shortcut without user consent.

  • CVE-2022-22272MedJan 10, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission

  • CVE-2022-22269MedJan 10, 2022
    risk 0.26cvss 4.0epss 0.00

    Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address.

  • CVE-2022-22267MedJan 10, 2022
    risk 0.26cvss 4.0epss 0.00

    Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information.

  • CVE-2022-22266MedJan 10, 2022
    risk 0.26cvss 4.0epss 0.00

    (Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission.

  • CVE-2022-22263MedJan 10, 2022
    risk 0.26cvss 4.0epss 0.00

    Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted applications to launch arbitrary activity.

  • CVE-2021-25519MedDec 8, 2021
    risk 0.26cvss 4.0epss 0.00

    An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.

  • CVE-2021-25515MedDec 8, 2021
    risk 0.26cvss 4.0epss 0.00

    An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.

  • CVE-2021-25484MedOct 6, 2021
    risk 0.26cvss 4.0epss 0.00

    Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.

  • CVE-2021-25483MedOct 6, 2021
    risk 0.26cvss 4.0epss 0.00

    Lack of boundary checking of a buffer in livfivextractor library prior to SMR Oct-2021 Release 1 allows OOB read.

  • CVE-2021-25472MedOct 6, 2021
    risk 0.26cvss 4.0epss 0.00

    An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information.

  • CVE-2021-25461MedSep 9, 2021
    risk 0.26cvss 4.0epss 0.00

    An improper length check in APAService prior to SMR Sep-2021 Release 1 results in stack based Buffer Overflow.

  • CVE-2021-25460MedSep 9, 2021
    risk 0.26cvss 4.0epss 0.00

    An improper access control vulnerability in sspExit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to terminate BlockchainTZService.

  • CVE-2021-25459MedSep 9, 2021
    risk 0.26cvss 4.0epss 0.00

    An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to start BlockchainTZService.

  • CVE-2021-25392MedJun 11, 2021
    risk 0.26cvss 4.0epss 0.00

    Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1 allows local attackers to get sensitive information via changing the path.

  • CVE-2021-25391MedJun 11, 2021
    risk 0.26cvss 4.0epss 0.00

    Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.

  • CVE-2021-25390MedJun 11, 2021
    risk 0.26cvss 4.0epss 0.00

    Intent redirection vulnerability in PhotoTable prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.

  • CVE-2021-25364MedApr 9, 2021
    risk 0.26cvss 4.0epss 0.00

    A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows unprivileged applications to access contact information.

Page 28 of 46