Filtered by vendor Samsung
Subscribe
Total
932 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-30698 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege. | |||||
CVE-2023-30680 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege. | |||||
CVE-2022-4894 | 2 Hp, Samsung | 2046 1vr14a, 1vr14a Firmware, 209u7a and 2043 more | 2023-12-10 | N/A | 7.3 HIGH |
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. | |||||
CVE-2023-30705 | 1 Samsung | 1 Galaxy Store | 2023-12-10 | N/A | 5.5 MEDIUM |
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission. | |||||
CVE-2023-30721 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 4.4 MEDIUM |
Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log. | |||||
CVE-2023-30709 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 6.7 MEDIUM |
Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege. | |||||
CVE-2023-30727 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.5 HIGH |
Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction. | |||||
CVE-2023-30688 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
CVE-2023-30739 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
CVE-2023-37368 | 1 Samsung | 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more | 2023-12-10 | N/A | 7.5 HIGH |
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet. | |||||
CVE-2023-30730 | 2 Google, Samsung | 2 Android, Camera | 2023-12-10 | N/A | 5.5 MEDIUM |
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file. | |||||
CVE-2023-41929 | 1 Samsung | 1 Memory Card \& Ufd Authentication | 2023-12-10 | N/A | 7.3 HIGH |
A DLL hijacking vulnerability in Samsung Memory Card & UFD Authentication Utility PC Software before 1.0.1 could allow a local attacker to escalate privileges. (An attacker must already have user privileges on Windows to exploit this vulnerability.) | |||||
CVE-2023-40293 | 1 Samsung | 1 Harman Infotainment | 2023-12-10 | N/A | 6.8 MEDIUM |
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object. | |||||
CVE-2023-36481 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2023-12-10 | N/A | 7.5 HIGH |
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. | |||||
CVE-2023-42535 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
CVE-2023-30716 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands. | |||||
CVE-2023-30701 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access. | |||||
CVE-2023-30704 | 1 Samsung | 1 Internet | 2023-12-10 | N/A | 4.6 MEDIUM |
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication. | |||||
CVE-2023-42543 | 1 Samsung | 1 Bixby Voice | 2023-12-10 | N/A | 7.5 HIGH |
Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege. | |||||
CVE-2023-30712 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity. |