Filtered by vendor Samsung
Subscribe
Total
1176 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21438 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 2.1 LOW |
| Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder. | |||||
| CVE-2023-21437 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast. | |||||
| CVE-2023-21436 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
| Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. | |||||
| CVE-2023-21435 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
| Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log. | |||||
| CVE-2023-21434 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | N/A | 6.2 MEDIUM |
| Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page. | |||||
| CVE-2023-21433 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | N/A | 7.8 HIGH |
| Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. | |||||
| CVE-2023-21432 | 1 Samsung | 1 Smart Things | 2024-11-21 | N/A | 4.2 MEDIUM |
| Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner. | |||||
| CVE-2023-21431 | 1 Samsung | 1 Bixby Vision | 2024-11-21 | N/A | 3.3 LOW |
| Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision. | |||||
| CVE-2023-21430 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
| An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2023-21429 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
| Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID. | |||||
| CVE-2023-21428 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
| Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code. | |||||
| CVE-2023-21427 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.4 MEDIUM |
| Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition. | |||||
| CVE-2023-21426 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.3 MEDIUM |
| Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN. | |||||
| CVE-2023-21425 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.3 MEDIUM |
| Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information. | |||||
| CVE-2023-21424 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.1 MEDIUM |
| Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand. | |||||
| CVE-2023-21423 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.1 MEDIUM |
| Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action. | |||||
| CVE-2023-21422 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.7 MEDIUM |
| Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService. | |||||
| CVE-2023-21421 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
| Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN. | |||||
| CVE-2023-21420 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.3 HIGH |
| Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. | |||||
| CVE-2022-4894 | 2 Hp, Samsung | 2046 1vr14a, 1vr14a Firmware, 209u7a and 2043 more | 2024-11-21 | N/A | 7.3 HIGH |
| Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. | |||||