VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2021-25451LowSep 9, 2021
    risk 0.21cvss 3.3epss 0.00

    A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data.

  • CVE-2018-21074LowApr 8, 2020
    risk 0.21cvss 3.3epss 0.00

    An issue was discovered on Samsung mobile devices with M(6.x) (Exynos or Qualcomm chipsets) software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 (April 2018).

  • CVE-2019-20625LowMar 24, 2020
    risk 0.21cvss 3.3epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.1) and O(8.x) (Exynos chipsets) software. The ion debugfs driver allows information disclosure. The Samsung ID is SVE-2018-13427 (February 2019).

  • CVE-2021-25454LowSep 9, 2021
    risk 0.20cvss 3.1epss 0.00

    OOB read vulnerability in libsaacextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute remote DoS via forged aac file.

  • CVE-2022-27834LowApr 11, 2022
    risk 0.19cvss 2.9epss 0.00

    Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions.

  • CVE-2022-27831LowApr 11, 2022
    risk 0.19cvss 2.9epss 0.00

    Improper boundary check in sflvd_rdbuf_bits of libsflvextractor prior to SMR Apr-2022 Release 1 allows attackers to read out of bounds memory.

  • CVE-2021-25336LowMar 4, 2021
    risk 0.18cvss 2.8epss 0.00

    Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malicious intent.

  • CVE-2023-21512LowJun 28, 2023
    risk 0.16cvss 2.4epss 0.00

    Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission.

  • CVE-2023-21454LowMar 16, 2023
    risk 0.16cvss 2.4epss 0.00

    Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.

  • CVE-2022-33720LowAug 5, 2022
    risk 0.16cvss 2.4epss 0.00

    Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut.

  • CVE-2022-30721LowJun 7, 2022
    risk 0.16cvss 2.5epss 0.00

    Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.

  • CVE-2022-30720LowJun 7, 2022
    risk 0.16cvss 2.5epss 0.00

    Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.

  • CVE-2022-30719LowJun 7, 2022
    risk 0.16cvss 2.5epss 0.00

    Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.

  • CVE-2022-30709LowJun 7, 2022
    risk 0.16cvss 2.5epss 0.00

    Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.

  • CVE-2021-25513LowDec 8, 2021
    risk 0.16cvss 2.4epss 0.00

    An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.

  • CVE-2021-25486LowOct 6, 2021
    risk 0.16cvss 2.5epss 0.00

    Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log.

  • CVE-2021-25409LowJun 11, 2021
    risk 0.16cvss 2.4epss 0.00

    Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.

  • CVE-2021-25335LowMar 4, 2021
    risk 0.16cvss 2.5epss 0.00

    Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition.

  • CVE-2018-21077LowApr 8, 2020
    risk 0.16cvss 2.4epss 0.00

    An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is a Clipboard content disclosure in the locked state because the keyboard may be used during an emergency call. The Samsung ID is SVE-2017-11107 (April 2018).

  • CVE-2020-11606LowApr 8, 2020
    risk 0.16cvss 2.4epss 0.00

    An issue was discovered on Samsung mobile devices with Q(10.0) software. Information about application preview (in the Secure Folder) leaks on a locked device. The Samsung ID is SVE-2019-16463 (April 2020).

Page 31 of 46