Filtered by vendor Samsung
Subscribe
Total
1332 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21434 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | N/A | 6.2 MEDIUM |
| Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page. | |||||
| CVE-2023-21433 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | N/A | 7.8 HIGH |
| Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. | |||||
| CVE-2023-21432 | 1 Samsung | 1 Smart Things | 2024-11-21 | N/A | 4.2 MEDIUM |
| Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner. | |||||
| CVE-2023-21431 | 1 Samsung | 1 Bixby Vision | 2024-11-21 | N/A | 3.3 LOW |
| Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision. | |||||
| CVE-2023-21430 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
| An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2023-21429 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
| Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID. | |||||
| CVE-2023-21428 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
| Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code. | |||||
| CVE-2023-21427 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.4 MEDIUM |
| Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition. | |||||
| CVE-2023-21426 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.3 MEDIUM |
| Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN. | |||||
| CVE-2023-21425 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.3 MEDIUM |
| Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information. | |||||
| CVE-2023-21424 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.1 MEDIUM |
| Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand. | |||||
| CVE-2023-21423 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.1 MEDIUM |
| Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action. | |||||
| CVE-2023-21422 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.7 MEDIUM |
| Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService. | |||||
| CVE-2023-21421 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
| Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN. | |||||
| CVE-2023-21420 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.3 HIGH |
| Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. | |||||
| CVE-2022-4894 | 2 Hp, Samsung | 2046 1vr14a, 1vr14a Firmware, 209u7a and 2043 more | 2024-11-21 | N/A | 7.3 HIGH |
| Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. | |||||
| CVE-2022-40762 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len. | |||||
| CVE-2022-40761 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc. | |||||
| CVE-2022-40760 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize. | |||||
| CVE-2022-40759 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation. | |||||