mobile devices
CVEs (911)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-25359 | Med | 0.26 | 4.0 | 0.00 | Apr 9, 2021 | An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications. | ||
| CVE-2021-25358 | Med | 0.26 | 4.0 | 0.00 | Apr 9, 2021 | A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1 allows local attackers to access IMSI values without any permission via untrusted applications. | ||
| CVE-2021-25345 | Med | 0.26 | 4.0 | 0.00 | Mar 4, 2021 | Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format. | ||
| CVE-2022-24001 | Low | 0.25 | 3.8 | 0.00 | Feb 11, 2022 | Information disclosure vulnerability in Edge Panel prior to Android S(12) allows physical attackers to access screenshot in clipboard via Edge Panel. | ||
| CVE-2022-24000 | Low | 0.25 | 3.9 | 0.00 | Feb 11, 2022 | PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent. | ||
| CVE-2022-23999 | Low | 0.25 | 3.9 | 0.00 | Feb 11, 2022 | PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent. | ||
| CVE-2022-23427 | Low | 0.25 | 3.9 | 0.00 | Feb 11, 2022 | PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent. | ||
| CVE-2021-25475 | Low | 0.25 | 3.9 | 0.00 | Oct 6, 2021 | A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | ||
| CVE-2021-25471 | Low | 0.24 | 3.7 | 0.00 | Oct 6, 2021 | A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion. | ||
| CVE-2020-13837 | Low | 0.23 | 3.5 | 0.00 | Jun 4, 2020 | An issue was discovered on Samsung mobile devices with Q(10.0) software. The Lockscreen feature does not block Quick Panel access to Music Share. The Samsung ID is SVE-2020-17145 (June 2020). | ||
| CVE-2024-20810 | Low | 0.21 | 3.3 | 0.00 | Feb 6, 2024 | Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information. | ||
| CVE-2024-20805 | Low | 0.21 | 3.3 | 0.00 | Jan 4, 2024 | Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | ||
| CVE-2023-42556 | Low | 0.21 | 3.3 | 0.00 | Dec 5, 2023 | Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information. | ||
| CVE-2023-30648 | Low | 0.21 | 3.3 | 0.00 | Jul 6, 2023 | Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system. | ||
| CVE-2023-21452 | Low | 0.21 | 3.3 | 0.00 | Mar 16, 2023 | Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device. | ||
| CVE-2023-21436 | Low | 0.21 | 3.3 | 0.00 | Feb 9, 2023 | Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. | ||
| CVE-2022-39904 | Low | 0.21 | 3.3 | 0.00 | Dec 8, 2022 | Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log. | ||
| CVE-2022-39850 | Low | 0.21 | 3.3 | 0.00 | Oct 7, 2022 | Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | ||
| CVE-2022-39849 | Low | 0.21 | 3.3 | 0.00 | Oct 7, 2022 | Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | ||
| CVE-2022-36853 | Low | 0.21 | 3.3 | 0.00 | Sep 9, 2022 | Intent redirection in Photo Editor prior to SMR Sep-2022 Release 1 allows attacker to get sensitive information. |
- risk 0.26cvss 4.0epss 0.00
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.
- risk 0.26cvss 4.0epss 0.00
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1 allows local attackers to access IMSI values without any permission via untrusted applications.
- risk 0.26cvss 4.0epss 0.00
Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format.
- risk 0.25cvss 3.8epss 0.00
Information disclosure vulnerability in Edge Panel prior to Android S(12) allows physical attackers to access screenshot in clipboard via Edge Panel.
- risk 0.25cvss 3.9epss 0.00
PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent.
- risk 0.25cvss 3.9epss 0.00
PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent.
- risk 0.25cvss 3.9epss 0.00
PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent.
- risk 0.25cvss 3.9epss 0.00
A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
- risk 0.24cvss 3.7epss 0.00
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion.
- risk 0.23cvss 3.5epss 0.00
An issue was discovered on Samsung mobile devices with Q(10.0) software. The Lockscreen feature does not block Quick Panel access to Music Share. The Samsung ID is SVE-2020-17145 (June 2020).
- risk 0.21cvss 3.3epss 0.00
Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information.
- risk 0.21cvss 3.3epss 0.00
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.
- risk 0.21cvss 3.3epss 0.00
Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information.
- risk 0.21cvss 3.3epss 0.00
Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system.
- risk 0.21cvss 3.3epss 0.00
Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.
- risk 0.21cvss 3.3epss 0.00
Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.
- risk 0.21cvss 3.3epss 0.00
Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log.
- risk 0.21cvss 3.3epss 0.00
Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
- risk 0.21cvss 3.3epss 0.00
Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
- risk 0.21cvss 3.3epss 0.00
Intent redirection in Photo Editor prior to SMR Sep-2022 Release 1 allows attacker to get sensitive information.
Page 29 of 46