mobile devices
CVEs (911)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-21033 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper access control in ContactProvider prior to SMR Sep-2025 Release 1 allows local attackers to access sensitive information. | |||
| CVE-2025-21032 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions. | |||
| CVE-2025-21031 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs. | |||
| CVE-2025-21029 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display. | |||
| CVE-2025-21028 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items. | |||
| CVE-2025-21027 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM. | |||
| CVE-2025-21026 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call. | |||
| CVE-2025-21025 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management. | |||
| CVE-2023-21474 | 0.00 | — | 0.00 | Sep 3, 2025 | Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege. | |||
| CVE-2023-21480 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities. | |||
| CVE-2023-21479 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper authorization in Smart suggestions prior to SMR Apr-2023 Release 1 in Android 13 and 4.1.01.0 in Android 12 allows remote attackers to register a schedule. | |||
| CVE-2023-21478 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data. | |||
| CVE-2023-21477 | 0.00 | — | 0.00 | Sep 3, 2025 | Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data. | |||
| CVE-2023-21476 | 0.00 | — | 0.00 | Sep 3, 2025 | Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-21475 | 0.00 | — | 0.00 | Sep 3, 2025 | Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-21473 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader. | |||
| CVE-2023-21472 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader. | |||
| CVE-2023-21471 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows attackers to read arbitrary files with system permission. | |||
| CVE-2023-21470 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action. | |||
| CVE-2023-21469 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action. |
- CVE-2025-21033Sep 3, 2025risk 0.00cvss —epss 0.00
Improper access control in ContactProvider prior to SMR Sep-2025 Release 1 allows local attackers to access sensitive information.
- CVE-2025-21032Sep 3, 2025risk 0.00cvss —epss 0.00
Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions.
- CVE-2025-21031Sep 3, 2025risk 0.00cvss —epss 0.00
Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs.
- CVE-2025-21029Sep 3, 2025risk 0.00cvss —epss 0.00
Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display.
- CVE-2025-21028Sep 3, 2025risk 0.00cvss —epss 0.00
Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items.
- CVE-2025-21027Sep 3, 2025risk 0.00cvss —epss 0.00
Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM.
- CVE-2025-21026Sep 3, 2025risk 0.00cvss —epss 0.00
Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call.
- CVE-2025-21025Sep 3, 2025risk 0.00cvss —epss 0.00
Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management.
- CVE-2023-21474Sep 3, 2025risk 0.00cvss —epss 0.00
Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege.
- CVE-2023-21480Sep 3, 2025risk 0.00cvss —epss 0.00
Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities.
- CVE-2023-21479Sep 3, 2025risk 0.00cvss —epss 0.00
Improper authorization in Smart suggestions prior to SMR Apr-2023 Release 1 in Android 13 and 4.1.01.0 in Android 12 allows remote attackers to register a schedule.
- CVE-2023-21478Sep 3, 2025risk 0.00cvss —epss 0.00
Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.
- CVE-2023-21477Sep 3, 2025risk 0.00cvss —epss 0.00
Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.
- CVE-2023-21476Sep 3, 2025risk 0.00cvss —epss 0.00
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.
- CVE-2023-21475Sep 3, 2025risk 0.00cvss —epss 0.00
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.
- CVE-2023-21473Sep 3, 2025risk 0.00cvss —epss 0.00
Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.
- CVE-2023-21472Sep 3, 2025risk 0.00cvss —epss 0.00
Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.
- CVE-2023-21471Sep 3, 2025risk 0.00cvss —epss 0.00
Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows attackers to read arbitrary files with system permission.
- CVE-2023-21470Sep 3, 2025risk 0.00cvss —epss 0.00
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action.
- CVE-2023-21469Sep 3, 2025risk 0.00cvss —epss 0.00
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action.
Page 4 of 46