Total
175 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-30658 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Improper input validation vulnerability in DataProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
CVE-2023-21513 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 6.8 MEDIUM |
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition. | |||||
CVE-2023-30657 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Improper input validation vulnerability in EnhancedAttestationResult prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
CVE-2023-21496 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level. | |||||
CVE-2023-30661 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
Exposure of Sensitive Information vulnerability in getChipInfos in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier. | |||||
CVE-2023-30663 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write. | |||||
CVE-2023-30670 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Out-of-bounds Write in BuildIpcFactoryDeviceTestEvent of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
CVE-2023-21495 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set. | |||||
CVE-2023-21500 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory. | |||||
CVE-2023-21485 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 4.6 MEDIUM |
Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. | |||||
CVE-2023-21502 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Improper input validation vulnerability in FactoryTest application prior to SMR May-2023 Release 1 allows local attackers to get privilege escalation via debugging commands. | |||||
CVE-2023-30671 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
Logic error in package installation via adb command prior to SMR Jul-2023 Release 1 allows local attackers to downgrade installed application. | |||||
CVE-2023-30667 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
Improper access control in Audio system service prior to SMR Jul-2023 Release 1 allows attacker to send broadcast with system privilege. | |||||
CVE-2023-21489 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 6.8 MEDIUM |
Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code. | |||||
CVE-2023-21492 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 4.4 MEDIUM |
Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | |||||
CVE-2023-21486 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 4.6 MEDIUM |
Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. | |||||
CVE-2023-30650 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Out of bounds read and write in callrunTspCmd of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
CVE-2023-30647 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 7.8 HIGH |
Heap out of bound write vulnerability in IpcRxUsimPhoneBookCapa of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
CVE-2023-30648 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 5.5 MEDIUM |
Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system. | |||||
CVE-2023-30640 | 1 Samsung | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1 allows local attackers to change confiugration. |