Total
243 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21503 | 1 Samsung | 2 Android, Exynos | 2024-02-28 | N/A | 9.8 CRITICAL |
| Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | |||||
| CVE-2023-30642 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call privilege function. | |||||
| CVE-2023-21485 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 4.6 MEDIUM |
| Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. | |||||
| CVE-2023-30648 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system. | |||||
| CVE-2023-21494 | 1 Samsung | 2 Android, Exynos | 2024-02-28 | N/A | 9.8 CRITICAL |
| Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. | |||||
| CVE-2023-30643 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 7.1 HIGH |
| Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to delete arbitrary non-preloaded applications. | |||||
| CVE-2023-30665 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 4.4 MEDIUM |
| Improper input validation vulnerability in OnOemServiceMode in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds read. | |||||
| CVE-2023-30650 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 7.8 HIGH |
| Out of bounds read and write in callrunTspCmd of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
| CVE-2023-30662 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Exposure of Sensitive Information vulnerability in getChipIds in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier. | |||||
| CVE-2023-30647 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 7.8 HIGH |
| Heap out of bound write vulnerability in IpcRxUsimPhoneBookCapa of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
| CVE-2023-30668 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 7.8 HIGH |
| Out-of-bounds Write in BuildOemSecureSimLockResponse of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-21426 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN. | |||||
| CVE-2023-21452 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 3.3 LOW |
| Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device. | |||||
| CVE-2023-21458 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 3.3 LOW |
| Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent. | |||||
| CVE-2023-21420 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 7.8 HIGH |
| Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. | |||||
| CVE-2023-21428 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 3.3 LOW |
| Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code. | |||||
| CVE-2023-21461 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity. | |||||
| CVE-2023-21425 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information. | |||||
| CVE-2023-21422 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService. | |||||
| CVE-2023-21436 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 3.3 LOW |
| Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. | |||||