Filtered by vendor Samsung
Subscribe
Total
1089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21464 | 2 Google, Samsung | 2 Android, Calendar | 2024-02-28 | N/A | 3.3 LOW |
| Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status. | |||||
| CVE-2023-21420 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 7.8 HIGH |
| Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. | |||||
| CVE-2023-21428 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 3.3 LOW |
| Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code. | |||||
| CVE-2023-26075 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2024-02-28 | N/A | 9.8 CRITICAL |
| An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List. | |||||
| CVE-2023-21433 | 1 Samsung | 1 Galaxy Store | 2024-02-28 | N/A | 7.8 HIGH |
| Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. | |||||
| CVE-2023-21434 | 1 Samsung | 1 Galaxy Store | 2024-02-28 | N/A | 6.1 MEDIUM |
| Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page. | |||||
| CVE-2023-21461 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity. | |||||
| CVE-2023-21425 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information. | |||||
| CVE-2023-21443 | 1 Samsung | 1 Flow | 2024-02-28 | N/A | 8.8 HIGH |
| Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands. | |||||
| CVE-2023-21422 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService. | |||||
| CVE-2023-21462 | 2 Google, Samsung | 2 Android, Quick Share | 2024-02-28 | N/A | 3.3 LOW |
| The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission. | |||||
| CVE-2023-21436 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 3.3 LOW |
| Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. | |||||
| CVE-2023-21429 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 3.3 LOW |
| Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID. | |||||
| CVE-2023-21435 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log. | |||||
| CVE-2023-21423 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action. | |||||
| CVE-2023-21446 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles. | |||||
| CVE-2023-26073 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2024-02-28 | N/A | 9.8 CRITICAL |
| An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list. | |||||
| CVE-2023-21449 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission. | |||||
| CVE-2023-21454 | 1 Samsung | 1 Android | 2024-02-28 | N/A | 2.4 LOW |
| Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen. | |||||
| CVE-2023-21447 | 1 Samsung | 1 Cloud | 2024-02-28 | N/A | 3.3 LOW |
| Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent. | |||||