Filtered by vendor Samsung
Subscribe
Total
1188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-30649 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| Heap out of bound write vulnerability in RmtUimNeedApdu of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
| CVE-2023-30648 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
| Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system. | |||||
| CVE-2023-30647 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| Heap out of bound write vulnerability in IpcRxUsimPhoneBookCapa of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
| CVE-2023-30646 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| Heap out of bound write vulnerability in BroadcastSmsConfig of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
| CVE-2023-30645 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| Heap out of bound write vulnerability in IpcRxIncomingCBMsg of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
| CVE-2023-30644 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| Stack out of bound write vulnerability in CdmaSmsParser of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | |||||
| CVE-2023-30643 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.7 HIGH |
| Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to delete arbitrary non-preloaded applications. | |||||
| CVE-2023-30642 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 6.2 MEDIUM |
| Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call privilege function. | |||||
| CVE-2023-30641 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.3 MEDIUM |
| Improper access control vulnerability in Settings prior to SMR Jul-2023 Release 1 allows physical attacker to use restricted user profile to access device owner's google account data. | |||||
| CVE-2023-30640 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.3 MEDIUM |
| Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1 allows local attackers to change confiugration. | |||||
| CVE-2023-26498 | 1 Samsung | 10 Exynos 1080, Exynos 1080 Firmware, Exynos 980 and 7 more | 2024-11-21 | N/A | 8.6 HIGH |
| An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos Auto T5126. Memory corruption can occur due to improper checking of the number of properties while parsing the chatroom attribute in the SDP (Session Description Protocol) module. | |||||
| CVE-2023-26496 | 1 Samsung | 10 Exynos 1080, Exynos 1080 Firmware, Exynos 980 and 7 more | 2024-11-21 | N/A | 8.6 HIGH |
| An issue was discovered in Samsung Baseband Modem Chipset for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5124. Memory corruption can occur due to improper checking of the parameter length while parsing the fmtp attribute in the SDP (Session Description Protocol) module. | |||||
| CVE-2023-21518 | 1 Samsung | 1 Searchwidget | 2024-11-21 | N/A | 4.4 MEDIUM |
| Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity. | |||||
| CVE-2023-21517 | 1 Samsung | 1 Exynos | 2024-11-21 | N/A | 8.8 HIGH |
| Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. | |||||
| CVE-2023-21516 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | N/A | 7.5 HIGH |
| XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | |||||
| CVE-2023-21515 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | N/A | 7.5 HIGH |
| InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | |||||
| CVE-2023-21514 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | N/A | 7.5 HIGH |
| Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | |||||
| CVE-2023-21512 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 2.4 LOW |
| Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission. | |||||
| CVE-2023-21511 | 1 Samsung | 1 Samsung Blockchain Keystore | 2024-11-21 | N/A | 4.4 MEDIUM |
| Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory. | |||||
| CVE-2023-21510 | 1 Samsung | 1 Samsung Blockchain Keystore | 2024-11-21 | N/A | 4.4 MEDIUM |
| Out-of-bounds Read vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory. | |||||