Filtered by vendor Samsung
Subscribe
Total
932 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-30720 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access. | |||||
CVE-2023-40291 | 1 Samsung | 1 Harman Infotainment | 2023-12-10 | N/A | 6.8 MEDIUM |
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name. | |||||
CVE-2023-42527 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information. | |||||
CVE-2023-30738 | 1 Samsung | 8 Galaxy Book, Galaxy Book Firmware, Galaxy Book Odyssey and 5 more | 2023-12-10 | N/A | 7.8 HIGH |
An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption. | |||||
CVE-2023-30719 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data. | |||||
CVE-2023-30736 | 1 Samsung | 1 Samsung Assistant | 2023-12-10 | N/A | 5.4 MEDIUM |
Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows attacker to execute javascript interface. To trigger this vulnerability, user interaction is required. | |||||
CVE-2023-30726 | 1 Samsung | 1 Gamelauncher | 2023-12-10 | N/A | 5.5 MEDIUM |
PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data. | |||||
CVE-2023-30708 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.5 HIGH |
Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status. | |||||
CVE-2023-30706 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 4.9 MEDIUM |
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege. | |||||
CVE-2023-30735 | 1 Samsung | 1 Sassistant | 2023-12-10 | N/A | 3.3 LOW |
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant. | |||||
CVE-2023-42552 | 1 Samsung | 2 Android, Firewall | 2023-12-10 | N/A | 3.3 LOW |
Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall. | |||||
CVE-2023-30654 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location. | |||||
CVE-2023-30699 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
Out-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remote attackers. | |||||
CVE-2023-30679 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
CVE-2023-30723 | 1 Samsung | 1 Health | 2023-12-10 | N/A | 9.8 CRITICAL |
Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege. | |||||
CVE-2023-40292 | 1 Samsung | 1 Harman Infotainment | 2023-12-10 | N/A | 4.3 MEDIUM |
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets. | |||||
CVE-2023-42545 | 1 Samsung | 2 Android, Phone | 2023-12-10 | N/A | 7.5 HIGH |
Use of implicit intent for sensitive communication vulnerability in Phone prior to versions 12.7.20.12 in Android 11, 13.1.48, 13.5.28 in Android 12, and 14.7.38 in Android 13 allows attackers to access location data. | |||||
CVE-2023-42540 | 1 Samsung | 1 Account | 2023-12-10 | N/A | 5.5 MEDIUM |
Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent. | |||||
CVE-2023-42554 | 1 Samsung | 1 Pass | 2023-12-10 | N/A | 6.8 MEDIUM |
Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication. | |||||
CVE-2023-30707 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.1 HIGH |
Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege. |