Filtered by vendor Samsung
Subscribe
Total
932 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-30686 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
CVE-2023-30693 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
CVE-2023-42547 | 1 Samsung | 1 Account | 2023-12-10 | N/A | 6.5 MEDIUM |
Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | |||||
CVE-2023-42549 | 1 Samsung | 1 Account | 2023-12-10 | N/A | 6.5 MEDIUM |
Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | |||||
CVE-2023-42541 | 1 Samsung | 1 Push Service | 2023-12-10 | N/A | 5.3 MEDIUM |
Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id. | |||||
CVE-2023-30703 | 1 Samsung | 1 Members | 2023-12-10 | N/A | 4.3 MEDIUM |
Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information. | |||||
CVE-2021-35309 | 1 Samsung | 1 Syncthru Web Service | 2023-12-10 | N/A | 7.5 HIGH |
An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks. | |||||
CVE-2023-30732 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number. | |||||
CVE-2023-37367 | 1 Samsung | 24 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 21 more | 2023-12-10 | N/A | 5.3 MEDIUM |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages. | |||||
CVE-2023-42555 | 1 Samsung | 1 Easysetup | 2023-12-10 | N/A | 5.5 MEDIUM |
Use of implicit intent for sensitive communication vulnerability in EasySetup prior to version 11.1.13 allows attackers to get the bluetooth address of user device. | |||||
CVE-2023-30691 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation. | |||||
CVE-2023-30687 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
CVE-2023-30702 | 1 Samsung | 8 Galaxy Book2 Go, Galaxy Book2 Go Firmware, Galaxy Book2 Pro 360 and 5 more | 2023-12-10 | N/A | 7.8 HIGH |
Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code. | |||||
CVE-2023-30731 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 4.6 MEDIUM |
Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type. | |||||
CVE-2023-42542 | 1 Samsung | 1 Push Service | 2023-12-10 | N/A | 3.3 LOW |
Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device. | |||||
CVE-2023-30681 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | |||||
CVE-2023-30696 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | |||||
CVE-2023-42532 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.5 HIGH |
Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information. | |||||
CVE-2023-30684 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission. | |||||
CVE-2023-42482 | 1 Samsung | 2 Exynos 2200, Exynos 2200 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
Samsung Mobile Processor Exynos 2200 allows a GPU Use After Free. |