Samsung Mobile
CVEs (15)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-20813 | 0.00 | — | 0.00 | Feb 6, 2024 | Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-42534 | 0.00 | — | 0.00 | Nov 7, 2023 | Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows local attackers to read arbitrary files with system privilege. | |||
| CVE-2023-30731 | 0.00 | — | 0.00 | Oct 4, 2023 | Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type. | |||
| CVE-2023-30700 | 0.00 | — | 0.00 | Aug 10, 2023 | PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission. | |||
| CVE-2022-39897 | 0.00 | — | 0.00 | Dec 8, 2022 | Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log. | |||
| CVE-2022-33728 | 0.00 | — | 0.00 | Aug 5, 2022 | Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal. | |||
| CVE-2022-30720 | 0.00 | — | 0.00 | Jun 7, 2022 | Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash. | |||
| CVE-2022-30710 | 0.00 | — | 0.00 | Jun 7, 2022 | Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities. | |||
| CVE-2022-25822 | 0.00 | — | 0.00 | Mar 8, 2022 | An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash. | |||
| CVE-2018-21048 | 0.00 | — | 0.00 | Apr 8, 2020 | An issue was discovered on Samsung mobile devices with O(8.x) software. There is a Notification leak on a locked device in Standalone Dex mode. The Samsung ID is SVE-2018-12925 (November 2018). | |||
| CVE-2017-18662 | 0.00 | — | 0.00 | Apr 7, 2020 | An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. Data outside of the rkp log buffer boundary is read, causing an information leak. The Samsung ID is SVE-2017-9109 (July 2017). | |||
| CVE-2019-20582 | 0.00 | — | 0.00 | Mar 24, 2020 | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) devices (Exynos9810 chipsets) software. There is a use after free in the ion driver. The Samsung ID is SVE-2019-14837 (August 2019). | |||
| CVE-2019-20581 | 0.00 | — | 0.00 | Mar 24, 2020 | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A stack overflow in the HDCP Trustlet causes arbitrary code execution. The Samsung ID is SVE-2019-14665 (August 2019). | |||
| CVE-2019-20580 | 0.00 | — | 0.00 | Mar 24, 2020 | An issue was discovered on Samsung mobile devices with P(9.0) software. The Motion photo player allows attackers to bypass the Secure Folder feature to view images. The Samsung ID is SVE-2019-14653 (August 2019). | |||
| CVE-2018-9139 | 0.00 | — | 0.01 | Mar 30, 2018 | On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165. |
- CVE-2024-20813Feb 6, 2024risk 0.00cvss —epss 0.00
Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.
- CVE-2023-42534Nov 7, 2023risk 0.00cvss —epss 0.00
Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows local attackers to read arbitrary files with system privilege.
- CVE-2023-30731Oct 4, 2023risk 0.00cvss —epss 0.00
Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type.
- CVE-2023-30700Aug 10, 2023risk 0.00cvss —epss 0.00
PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission.
- CVE-2022-39897Dec 8, 2022risk 0.00cvss —epss 0.00
Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.
- CVE-2022-33728Aug 5, 2022risk 0.00cvss —epss 0.00
Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal.
- CVE-2022-30720Jun 7, 2022risk 0.00cvss —epss 0.00
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
- CVE-2022-30710Jun 7, 2022risk 0.00cvss —epss 0.00
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
- CVE-2022-25822Mar 8, 2022risk 0.00cvss —epss 0.00
An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash.
- CVE-2018-21048Apr 8, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with O(8.x) software. There is a Notification leak on a locked device in Standalone Dex mode. The Samsung ID is SVE-2018-12925 (November 2018).
- CVE-2017-18662Apr 7, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. Data outside of the rkp log buffer boundary is read, causing an information leak. The Samsung ID is SVE-2017-9109 (July 2017).
- CVE-2019-20582Mar 24, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) devices (Exynos9810 chipsets) software. There is a use after free in the ion driver. The Samsung ID is SVE-2019-14837 (August 2019).
- CVE-2019-20581Mar 24, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A stack overflow in the HDCP Trustlet causes arbitrary code execution. The Samsung ID is SVE-2019-14665 (August 2019).
- CVE-2019-20580Mar 24, 2020risk 0.00cvss —epss 0.00
An issue was discovered on Samsung mobile devices with P(9.0) software. The Motion photo player allows attackers to bypass the Secure Folder feature to view images. The Samsung ID is SVE-2019-14653 (August 2019).
- CVE-2018-9139Mar 30, 2018risk 0.00cvss —epss 0.01
On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.