Vendor CVEs
Samsung Mobile
All CVEs
2,204 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-21515 | 0.00 | — | 0.01 | May 26, 2023 | InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | |||
| CVE-2023-29092 | 0.00 | — | 0.00 | May 9, 2023 | An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface. | |||
| CVE-2023-21506 | 0.00 | — | 0.00 | May 4, 2023 | Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-21505 | 0.00 | — | 0.00 | May 4, 2023 | Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox. | |||
| CVE-2023-21503 | 0.00 | — | 0.01 | May 4, 2023 | Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | |||
| CVE-2023-21502 | 0.00 | — | 0.00 | May 4, 2023 | Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands. | |||
| CVE-2023-21501 | 0.00 | — | 0.00 | May 4, 2023 | Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. | |||
| CVE-2023-21500 | 0.00 | — | 0.00 | May 4, 2023 | Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory. | |||
| CVE-2023-21499 | 0.00 | — | 0.00 | May 4, 2023 | Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. | |||
| CVE-2023-21498 | 0.00 | — | 0.00 | May 4, 2023 | Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory. | |||
| CVE-2023-21497 | 0.00 | — | 0.00 | May 4, 2023 | Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address. | |||
| CVE-2023-21496 | 0.00 | — | 0.00 | May 4, 2023 | Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level. | |||
| CVE-2023-21495 | 0.00 | — | 0.00 | May 4, 2023 | Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set. | |||
| CVE-2023-21494 | 0.00 | — | 0.01 | May 4, 2023 | Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | |||
| CVE-2023-21493 | 0.00 | — | 0.00 | May 4, 2023 | Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data. | |||
| CVE-2023-21491 | 0.00 | — | 0.00 | May 4, 2023 | Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege. | |||
| CVE-2023-21490 | 0.00 | — | 0.00 | May 4, 2023 | Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager. | |||
| CVE-2023-21489 | 0.00 | — | 0.00 | May 4, 2023 | Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code. | |||
| CVE-2023-21488 | 0.00 | — | 0.00 | May 4, 2023 | Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips. | |||
| CVE-2023-21487 | 0.00 | — | 0.00 | May 4, 2023 | Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting. | |||
| CVE-2023-21486 | 0.00 | — | 0.00 | May 4, 2023 | Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. | |||
| CVE-2023-21485 | 0.00 | — | 0.00 | May 4, 2023 | Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. | |||
| CVE-2023-21484 | 0.00 | — | 0.00 | May 4, 2023 | Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation. | |||
| CVE-2023-21504 | 0.00 | — | 0.01 | May 4, 2023 | Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | |||
| CVE-2023-21511 | 0.00 | — | 0.00 | May 4, 2023 | Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory. | |||
| CVE-2023-21510 | 0.00 | — | 0.00 | May 4, 2023 | Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory. | |||
| CVE-2023-21509 | 0.00 | — | 0.00 | May 4, 2023 | Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-21508 | 0.00 | — | 0.00 | May 4, 2023 | Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code. | |||
| CVE-2023-21507 | 0.00 | — | 0.00 | May 4, 2023 | Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory. | |||
| CVE-2023-29086 | 0.00 | — | 0.01 | Apr 14, 2023 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding… | |||
| CVE-2023-29085 | 0.00 | — | 0.01 | Apr 14, 2023 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding… | |||
| CVE-2023-29090 | 0.00 | — | 0.01 | Apr 14, 2023 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding… | |||
| CVE-2023-29089 | 0.00 | — | 0.01 | Apr 14, 2023 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding… | |||
| CVE-2023-29088 | 0.00 | — | 0.01 | Apr 14, 2023 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding… | |||
| CVE-2023-29087 | 0.00 | — | 0.01 | Apr 14, 2023 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding… | |||
| CVE-2023-29091 | 0.00 | — | 0.01 | Apr 14, 2023 | An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding… | |||
| CVE-2023-20665 | 0.00 | — | 0.00 | Apr 6, 2023 | In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628604; Issue ID: ALPS07628604. | |||
| CVE-2023-28613 | 0.00 | — | 0.01 | Apr 4, 2023 | An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. An integer overflow in IPv4 fragment handling can occur due to insufficient parameter validation when reassembling these fragments. | |||
| CVE-2022-1230 | 0.00 | — | 0.00 | Mar 28, 2023 | This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The… | |||
| CVE-2023-26498 | 0.00 | — | 0.24 | Mar 23, 2023 | An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos Auto T5126. Memory corruption can occur due to improper checking of the number of properties while parsing the chatroom attribute in the SDP… | |||
| CVE-2023-26496 | 0.00 | — | 0.24 | Mar 23, 2023 | An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5124. Memory corruption can occur due to improper checking of the parameter length while parsing the fmtp attribute in the SDP (Session… | |||
| CVE-2023-26497 | 0.00 | — | 0.24 | Mar 21, 2023 | An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5125. Memory corruption can occur when processing Session Description Negotiation for Video Configuration Attribute. | |||
| CVE-2023-21459 | 0.00 | — | 0.00 | Mar 16, 2023 | Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault. | |||
| CVE-2023-21458 | 0.00 | — | 0.00 | Mar 16, 2023 | Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent. | |||
| CVE-2023-21457 | 0.00 | — | 0.00 | Mar 16, 2023 | Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission. | |||
| CVE-2023-21456 | 0.00 | — | 0.00 | Mar 16, 2023 | Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid. | |||
| CVE-2023-21455 | 0.00 | — | 0.00 | Mar 16, 2023 | Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message. | |||
| CVE-2023-21454 | 0.00 | — | 0.00 | Mar 16, 2023 | Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen. | |||
| CVE-2023-21453 | 0.00 | — | 0.00 | Mar 16, 2023 | Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data. | |||
| CVE-2023-21452 | 0.00 | — | 0.00 | Mar 16, 2023 | Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device. |
- CVE-2023-21515May 26, 2023risk 0.00cvss —epss 0.01
InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
- CVE-2023-29092May 9, 2023risk 0.00cvss —epss 0.00
An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface.
- CVE-2023-21506May 4, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
- CVE-2023-21505May 4, 2023risk 0.00cvss —epss 0.00
Improper access control in Samsung Core Service prior to version 2.1.00.36 allows attacker to write arbitrary file in sandbox.
- CVE-2023-21503May 4, 2023risk 0.00cvss —epss 0.01
Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
- CVE-2023-21502May 4, 2023risk 0.00cvss —epss 0.00
Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands.
- CVE-2023-21501May 4, 2023risk 0.00cvss —epss 0.00
Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.
- CVE-2023-21500May 4, 2023risk 0.00cvss —epss 0.00
Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory.
- CVE-2023-21499May 4, 2023risk 0.00cvss —epss 0.00
Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code.
- CVE-2023-21498May 4, 2023risk 0.00cvss —epss 0.00
Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory.
- CVE-2023-21497May 4, 2023risk 0.00cvss —epss 0.00
Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address.
- CVE-2023-21496May 4, 2023risk 0.00cvss —epss 0.00
Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level.
- CVE-2023-21495May 4, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set.
- CVE-2023-21494May 4, 2023risk 0.00cvss —epss 0.01
Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
- CVE-2023-21493May 4, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data.
- CVE-2023-21491May 4, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege.
- CVE-2023-21490May 4, 2023risk 0.00cvss —epss 0.00
Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager.
- CVE-2023-21489May 4, 2023risk 0.00cvss —epss 0.00
Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code.
- CVE-2023-21488May 4, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips.
- CVE-2023-21487May 4, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting.
- CVE-2023-21486May 4, 2023risk 0.00cvss —epss 0.00
Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.
- CVE-2023-21485May 4, 2023risk 0.00cvss —epss 0.00
Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.
- CVE-2023-21484May 4, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.
- CVE-2023-21504May 4, 2023risk 0.00cvss —epss 0.01
Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
- CVE-2023-21511May 4, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.
- CVE-2023-21510May 4, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.
- CVE-2023-21509May 4, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
- CVE-2023-21508May 4, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code.
- CVE-2023-21507May 4, 2023risk 0.00cvss —epss 0.00
Out-of-bounds Read vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA_ARRAY command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory.
- CVE-2023-29086Apr 14, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding…
- CVE-2023-29085Apr 14, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding…
- CVE-2023-29090Apr 14, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding…
- CVE-2023-29089Apr 14, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding…
- CVE-2023-29088Apr 14, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding…
- CVE-2023-29087Apr 14, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding…
- CVE-2023-29091Apr 14, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding…
- CVE-2023-20665Apr 6, 2023risk 0.00cvss —epss 0.00
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628604; Issue ID: ALPS07628604.
- CVE-2023-28613Apr 4, 2023risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. An integer overflow in IPv4 fragment handling can occur due to insufficient parameter validation when reassembling these fragments.
- CVE-2022-1230Mar 28, 2023risk 0.00cvss —epss 0.00
This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The…
- CVE-2023-26498Mar 23, 2023risk 0.00cvss —epss 0.24
An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos Auto T5126. Memory corruption can occur due to improper checking of the number of properties while parsing the chatroom attribute in the SDP…
- CVE-2023-26496Mar 23, 2023risk 0.00cvss —epss 0.24
An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5124. Memory corruption can occur due to improper checking of the parameter length while parsing the fmtp attribute in the SDP (Session…
- CVE-2023-26497Mar 21, 2023risk 0.00cvss —epss 0.24
An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5125. Memory corruption can occur when processing Session Description Negotiation for Video Configuration Attribute.
- CVE-2023-21459Mar 16, 2023risk 0.00cvss —epss 0.00
Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault.
- CVE-2023-21458Mar 16, 2023risk 0.00cvss —epss 0.00
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent.
- CVE-2023-21457Mar 16, 2023risk 0.00cvss —epss 0.00
Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission.
- CVE-2023-21456Mar 16, 2023risk 0.00cvss —epss 0.00
Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid.
- CVE-2023-21455Mar 16, 2023risk 0.00cvss —epss 0.00
Improper authorization implementation in Exynos baseband prior to SMR Mar-2023 Release 1 allows incorrect handling of unencrypted message.
- CVE-2023-21454Mar 16, 2023risk 0.00cvss —epss 0.00
Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.
- CVE-2023-21453Mar 16, 2023risk 0.00cvss —epss 0.00
Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data.
- CVE-2023-21452Mar 16, 2023risk 0.00cvss —epss 0.00
Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.
Page 24 of 45