VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2025-21033Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper access control in ContactProvider prior to SMR Sep-2025 Release 1 allows local attackers to access sensitive information.

  • CVE-2025-21032Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions.

  • CVE-2025-21031Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs.

  • CVE-2025-21029Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display.

  • CVE-2025-21028Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items.

  • CVE-2025-21027Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM.

  • CVE-2025-21026Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call.

  • CVE-2025-21025Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management.

  • CVE-2023-21474Sep 3, 2025
    risk 0.00cvss epss 0.00

    Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege.

  • CVE-2023-21480Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities.

  • CVE-2023-21479Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper authorization in Smart suggestions prior to SMR Apr-2023 Release 1 in Android 13 and 4.1.01.0 in Android 12 allows remote attackers to register a schedule.

  • CVE-2023-21478Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.

  • CVE-2023-21477Sep 3, 2025
    risk 0.00cvss epss 0.00

    Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.

  • CVE-2023-21476Sep 3, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.

  • CVE-2023-21475Sep 3, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.

  • CVE-2023-21473Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.

  • CVE-2023-21472Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.

  • CVE-2023-21471Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows attackers to read arbitrary files with system permission.

  • CVE-2023-21470Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action.

  • CVE-2023-21469Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action.

Page 4 of 46