Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Samsung Security Vulnerabilities

cve
cve

CVE-2023-21452

Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected...

3.3CVSS

4.1AI Score

0.0004EPSS

2023-03-16 09:15 PM
15
cve
cve

CVE-2023-21451

A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory...

7.8CVSS

7.4AI Score

0.0004EPSS

2023-02-09 07:15 PM
21
cve
cve

CVE-2023-21438

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure...

2.4CVSS

3.7AI Score

0.0004EPSS

2023-02-09 07:15 PM
25
cve
cve

CVE-2023-21439

Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain...

8.5CVSS

7.5AI Score

0.0004EPSS

2023-02-09 07:15 PM
20
cve
cve

CVE-2023-21436

Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account...

3.3CVSS

4.1AI Score

0.0004EPSS

2023-02-09 07:15 PM
18
cve
cve

CVE-2023-21440

Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen...

6.2CVSS

5.4AI Score

0.001EPSS

2023-02-09 07:15 PM
28
cve
cve

CVE-2023-21444

Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject...

8.8CVSS

8.5AI Score

0.001EPSS

2023-02-09 07:15 PM
23
cve
cve

CVE-2023-21437

Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit...

5.5CVSS

5.2AI Score

0.0004EPSS

2023-02-09 07:15 PM
21
cve
cve

CVE-2023-21443

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject...

8.8CVSS

8.4AI Score

0.001EPSS

2023-02-09 07:15 PM
27
cve
cve

CVE-2023-21447

Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit...

4CVSS

4.2AI Score

0.0004EPSS

2023-02-09 07:15 PM
17
cve
cve

CVE-2023-21448

Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png...

5.7CVSS

4.1AI Score

0.0004EPSS

2023-02-09 07:15 PM
18
cve
cve

CVE-2023-21424

Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator...

5.1CVSS

4.1AI Score

0.0004EPSS

2023-02-09 07:15 PM
18
cve
cve

CVE-2023-21425

Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive...

5.5CVSS

5.3AI Score

0.0004EPSS

2023-02-09 07:15 PM
14
cve
cve

CVE-2023-21427

Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user...

6.5CVSS

6.3AI Score

0.0004EPSS

2023-02-09 07:15 PM
22
cve
cve

CVE-2023-21428

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused...

4CVSS

4.1AI Score

0.0004EPSS

2023-02-09 07:15 PM
15
cve
cve

CVE-2023-21435

Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via...

5.5CVSS

5.3AI Score

0.0004EPSS

2023-02-09 07:15 PM
18
cve
cve

CVE-2023-21423

Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected...

5.5CVSS

5.4AI Score

0.0004EPSS

2023-02-09 07:15 PM
16
cve
cve

CVE-2023-21426

Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation...

5.5CVSS

5.4AI Score

0.0004EPSS

2023-02-09 07:15 PM
21
cve
cve

CVE-2023-21429

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access...

4CVSS

4.1AI Score

0.0004EPSS

2023-02-09 07:15 PM
14
cve
cve

CVE-2023-21430

An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access...

7.8CVSS

7.3AI Score

0.0004EPSS

2023-02-09 07:15 PM
14
cve
cve

CVE-2023-21421

Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM...

7.8CVSS

7.5AI Score

0.0004EPSS

2023-02-09 07:15 PM
14
cve
cve

CVE-2023-21420

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code...

7.8CVSS

8AI Score

0.0004EPSS

2023-02-09 07:15 PM
16
cve
cve

CVE-2023-21419

An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain...

7.5CVSS

7.4AI Score

0.001EPSS

2023-02-09 07:15 PM
32
cve
cve

CVE-2023-21422

Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding...

5.7CVSS

5.4AI Score

0.0004EPSS

2023-02-09 07:15 PM
14
cve
cve

CVE-2022-39914

Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device...

4CVSS

3.9AI Score

0.0004EPSS

2022-12-08 04:15 PM
34
cve
cve

CVE-2022-39915

Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit...

5.5CVSS

5.8AI Score

0.0004EPSS

2022-12-08 04:15 PM
25
cve
cve

CVE-2022-39913

Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles...

6.8CVSS

3.9AI Score

0.0004EPSS

2022-12-08 04:15 PM
30
cve
cve

CVE-2022-39912

Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure...

6.2CVSS

3.9AI Score

0.0004EPSS

2022-12-08 04:15 PM
27
cve
cve

CVE-2022-39903

Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call...

4CVSS

4AI Score

0.0004EPSS

2022-12-08 04:15 PM
39
cve
cve

CVE-2022-39897

Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via...

5.5CVSS

5.2AI Score

0.0004EPSS

2022-12-08 04:15 PM
28
cve
cve

CVE-2022-39907

Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds...

7.8CVSS

7.5AI Score

0.0004EPSS

2022-12-08 04:15 PM
25
cve
cve

CVE-2022-39901

Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and...

6.5CVSS

6.6AI Score

0.001EPSS

2022-12-08 04:15 PM
29
cve
cve

CVE-2022-39911

Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung...

6.8CVSS

6.5AI Score

0.001EPSS

2022-12-08 04:15 PM
32
cve
cve

CVE-2022-39902

Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency...

7.5CVSS

7.3AI Score

0.001EPSS

2022-12-08 04:15 PM
26
cve
cve

CVE-2022-39905

Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit...

5.5CVSS

5.2AI Score

0.0004EPSS

2022-12-08 04:15 PM
26
cve
cve

CVE-2022-39906

Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message...

3.3CVSS

4.1AI Score

0.0004EPSS

2022-12-08 04:15 PM
27
cve
cve

CVE-2022-39908

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds...

7.4CVSS

7.2AI Score

0.0005EPSS

2022-12-08 04:15 PM
33
cve
cve

CVE-2022-39909

Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic...

7.1CVSS

5.4AI Score

0.0004EPSS

2022-12-08 04:15 PM
31
cve
cve

CVE-2022-39910

Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up...

4.2CVSS

4.4AI Score

0.001EPSS

2022-12-08 04:15 PM
30
cve
cve

CVE-2022-39898

Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of...

4CVSS

4AI Score

0.0004EPSS

2022-12-08 04:15 PM
24
cve
cve

CVE-2022-39899

Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen...

5.7CVSS

4.7AI Score

0.0005EPSS

2022-12-08 04:15 PM
27
cve
cve

CVE-2022-39904

Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via...

3.3CVSS

4AI Score

0.0004EPSS

2022-12-08 04:15 PM
27
cve
cve

CVE-2022-39900

Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice...

4.6CVSS

4.5AI Score

0.0005EPSS

2022-12-08 04:15 PM
32
cve
cve

CVE-2022-39894

Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit...

4CVSS

3.9AI Score

0.0004EPSS

2022-12-08 04:15 PM
22
cve
cve

CVE-2022-39895

Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit...

4CVSS

4AI Score

0.0004EPSS

2022-12-08 04:15 PM
26
cve
cve

CVE-2022-39896

Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit...

4CVSS

4.1AI Score

0.0004EPSS

2022-12-08 04:15 PM
24
cve
cve

CVE-2022-39883

Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged...

7.8CVSS

7.3AI Score

0.0004EPSS

2022-11-09 10:15 PM
29
6
cve
cve

CVE-2022-39886

Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device...

5.9CVSS

4AI Score

0.0004EPSS

2022-11-09 10:15 PM
26
2
cve
cve

CVE-2022-39890

Improper Authorization in Samsung Billing prior to version 5.0.56.0 allows attacker to get sensitive...

7.5CVSS

7.4AI Score

0.001EPSS

2022-11-09 10:15 PM
27
4
cve
cve

CVE-2022-39884

Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call...

4.3CVSS

4AI Score

0.0004EPSS

2022-11-09 10:15 PM
26
4
Total number of security vulnerabilities779