VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2017-18673LowApr 7, 2020
    risk 0.16cvss 2.4epss 0.00

    An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can disable the Location service on a locked device, making it impossible for the rightful owner to find a stolen device. The Samsung ID is SVE-2017-8524 (May 2017).

  • CVE-2019-20598LowMar 24, 2020
    risk 0.16cvss 2.4epss 0.00

    An issue was discovered on Samsung mobile devices with O(8.x) software. Bixby leaks the keyboard's learned words, and the clipboard contents, via the lock screen. The Samsung IDs are SVE-2018-12896, SVE-2018-12897 (May 2019).

  • CVE-2020-10830LowMar 24, 2020
    risk 0.16cvss 2.4epss 0.00

    An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Attackers can view notifications by entering many PINs in Lockdown mode. The Samsung ID is SVE-2019-16590 (March 2020).

  • CVE-2022-39906LowDec 8, 2022
    risk 0.15cvss 2.3epss 0.00

    Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.

  • CVE-2022-33716LowAug 5, 2022
    risk 0.15cvss 2.3epss 0.00

    An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory.

  • CVE-2022-33686LowJul 12, 2022
    risk 0.15cvss 2.3epss 0.00

    Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.

  • CVE-2021-25491LowOct 6, 2021
    risk 0.15cvss 2.3epss 0.00

    A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference.

  • CVE-2021-25389LowJun 11, 2021
    risk 0.15cvss 2.3epss 0.00

    Improper running task check in S Secure prior to SMR MAY-2021 Release 1 allows attackers to use locked app without authentication.

  • CVE-2023-21438LowFeb 9, 2023
    risk 0.14cvss 2.1epss 0.00

    Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.

  • CVE-2022-28794LowJun 7, 2022
    risk 0.14cvss 2.2epss 0.00

    Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.

  • CVE-2022-33700LowJul 12, 2022
    risk 0.13cvss 2.0epss 0.00

    Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.

  • CVE-2022-33699LowJul 12, 2022
    risk 0.13cvss 2.0epss 0.00

    Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.

  • CVE-2022-33693LowJul 12, 2022
    risk 0.13cvss 2.0epss 0.00

    Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.

  • CVE-2022-25831LowApr 11, 2022
    risk 0.13cvss 2.0epss 0.00

    Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions.

  • CVE-2025-21043KEVSep 12, 2025
    risk 0.12cvss epss 0.01

    Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code.

  • CVE-2025-21042KEVSep 12, 2025
    risk 0.12cvss epss 0.12

    Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.

  • CVE-2022-36857LowSep 9, 2022
    risk 0.12cvss 1.9epss 0.00

    Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.

  • CVE-2022-36852LowSep 9, 2022
    risk 0.12cvss 1.9epss 0.00

    Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data.

  • CVE-2022-30728LowJun 7, 2022
    risk 0.12cvss 1.9epss 0.00

    Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

  • CVE-2022-30714LowJun 7, 2022
    risk 0.12cvss 1.9epss 0.00

    Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

Page 32 of 46