VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2022-33726LowAug 5, 2022
    risk 0.21cvss 3.3epss 0.00

    Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attacker to launch activity.

  • CVE-2022-33724LowAug 5, 2022
    risk 0.21cvss 3.3epss 0.00

    Exposure of Sensitive Information in Samsung Dialer application?prior to SMR Aug-2022 Release 1 allows local attackers to access ICCID via log.

  • CVE-2022-33701LowJul 12, 2022
    risk 0.21cvss 3.3epss 0.00

    Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent.

  • CVE-2022-33698LowJul 12, 2022
    risk 0.21cvss 3.3epss 0.00

    Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log.

  • CVE-2022-33697LowJul 12, 2022
    risk 0.21cvss 3.3epss 0.00

    Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.

  • CVE-2022-33688LowJul 12, 2022
    risk 0.21cvss 3.3epss 0.00

    Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.

  • CVE-2022-33687LowJul 12, 2022
    risk 0.21cvss 3.3epss 0.00

    Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log.

  • CVE-2022-30753LowJul 12, 2022
    risk 0.21cvss 3.3epss 0.00

    Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 allows local attackers to get the device ID without permission.

  • CVE-2022-30752LowJul 12, 2022
    risk 0.21cvss 3.3epss 0.00

    Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_STATE_CHANGED action.

  • CVE-2022-30751LowJul 12, 2022
    risk 0.21cvss 3.3epss 0.00

    Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_DHCPACK_EVENT action.

  • CVE-2022-30750LowJul 12, 2022
    risk 0.21cvss 3.3epss 0.00

    Improper access control vulnerability in updateLastConnectedClientInfo function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected.

  • CVE-2022-30729LowJun 7, 2022
    risk 0.21cvss 3.3epss 0.00

    Implicit Intent hijacking vulnerability in Settings prior to SMR Jun-2022 Release 1 allows attackers to get Wi-Fi SSID and password via a malicious QR code scanner.

  • CVE-2022-27576LowApr 11, 2022
    risk 0.21cvss 3.3epss 0.00

    Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission

  • CVE-2022-27575LowApr 11, 2022
    risk 0.21cvss 3.3epss 0.00

    Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission.

  • CVE-2022-25833LowApr 11, 2022
    risk 0.21cvss 3.3epss 0.00

    Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission.

  • CVE-2022-25821LowMar 10, 2022
    risk 0.21cvss 3.3epss 0.00

    Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read.

  • CVE-2021-25514LowDec 8, 2021
    risk 0.21cvss 3.3epss 0.00

    An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information.

  • CVE-2021-25462LowSep 9, 2021
    risk 0.21cvss 3.3epss 0.00

    NULL pointer dereference vulnerability in NPU driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption.

  • CVE-2021-25458LowSep 9, 2021
    risk 0.21cvss 3.3epss 0.00

    NULL pointer dereference vulnerability in ION driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption.

  • CVE-2021-25455LowSep 9, 2021
    risk 0.21cvss 3.3epss 0.00

    OOB read vulnerability in libsaviextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to access arbitrary address through pointer via forged avi file.

Page 30 of 46