69 matches found
Input validation
Improper input validation in MyFiles prior to version 12.2.09 in Android R11, 13.1.03.501 in Android S 12 and 14.1.00.422 in Android T13 allows local attacker to access data of MyFiles...
Stack overflow
A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S12 allows attacker to cause memory corruptions...
Improper access control
Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R11 and 3.2.01.007 in Android S12 allows local attackers to get device location information...
CVE-2023-21451
A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S12 allows attacker to cause memory corruptions...
CVE-2023-21445
Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R11, 13.1.03.501 in Android S12 and 14.1.00.422 in Android T13 allows local attacker to write file with MyFiles privilege via implicit intent...
CVE-2023-21451
CVE-2023-21451 : A stack-based overflow affects the IpcRxEmbmsSessionList component in SECRIL on Samsung Android devices prior to Android S(12), leading to memory corruption. The vulnerability is local in nature with attacker-controlled memory corruption potential as described in multiple sources...
CVE-2023-21446
CVE-2023-21446 involves Samsung MyFiles where improper input validation prior to versions 12.2.09 (Android R/11), 13.1.03.501 (Android S/12), and 14.1.00.422 (Android T/13) allows a local attacker to access MyFiles data. The affected component is MyFiles, with the root cause being input validatio...
CVE-2023-21441
The CVE-2023-21441 entry concerns a Guarded Routine component in Android on Samsung devices with insufficient verification of data authenticity. Affected versions are Android Q before 2.6.30.6, Android R before 3.1.21.10, and Android S before 3.5.2.23, where a local attacker could access protecte...
CVE-2023-21451
A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S12 allows attacker to cause memory corruptions...
CVE-2023-21442
Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R11 and 3.2.01.007 in Android S12 allows local attackers to get device location information...
CVE-2023-21442
CVE-2023-21442 affects the Runestone app. The vulnerability is due to improper access control in Runestone versions prior to 2.9.09.003 on Android R (11) and prior to 3.2.01.007 on Android S (12). Local attackers could obtain device location information. Remediation: upgrade to Runestone 2.9.09.0...
CVE-2022-39915
CVE-2022-39915 is an improper access control vulnerability in the Samsung Calendar app. It affects Calendar versions prior to: Android Q 11.6.08.0, Android R 12.2.11.3000, Android S 12.3.07.2000, and Android T 12.4.02.0, where an attacker could access sensitive information via implicit intent. Th...
CVE-2022-39915
Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q10, 12.2.11.3000 in Android R11, 12.3.07.2000 in Android S12, and 12.4.02.0 in Android T13 allows attackers to access sensitive information via implicit intent...
CVE-2022-39877
Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...
CVE-2022-39862
Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R11 and 3.3.03.66 in Android S12 allows unauthorized use of javascript interface api...
CVE-2022-39862
Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R11 and 3.3.03.66 in Android S12 allows unauthorized use of javascript interface api...
Authorization
Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R11 and 3.3.03.66 in Android S12 allows unauthorized use of javascript interface api...
Improper access control
Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...
CVE-2022-39877
Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...
CVE-2022-39877
Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...