ASB-A-383131643

In multiple locations, there is a possible way to use apps linked from a context menu of a lockscreen app due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-380909632

In tbd of tbd, there is a possible lockscreen bypass due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-20827

Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical attackers to access the picture using physical keyboard on the lockscreen...

CVE-2023-21234

In launchConfirmationActivity of ChooseLockSettingsHelper.java, there is a possible way to enable developer options without the lockscreen PIN due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...

CVE-2023-21095

In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2023-21235

In onCreate of LockSettingsActivity.java, there is a possible way set a new lockscreen PIN without entering the existing PIN due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...

CVE-2023-20924

In TBD of TBD, there is a possible way to bypass the lockscreen due to Biometric Auth Failure. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-20465

In dismiss and related functions of KeyguardHostViewController.java and related files, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-39862

Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R11 and 3.3.03.66 in Android S12 allows unauthorized use of javascript interface api...

CVE-2022-20497

In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with physical access required and an app that runs above the...

CVE-2022-20529

In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-20006

In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User...

CVE-2021-25335

Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition...

CVE-2021-25333

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code...

CVE-2021-25505

Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked...

CVE-2021-25332

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition...

CVE-2021-25513

An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen...

CVE-2020-1279

An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly load spotlight images from a secure location, aka 'Windows Lockscreen Elevation of Privilege Vulnerability'...

CVE-2020-1398

An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly handle Ease of Access dialog.An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.The security update addresses the vulnerability by ensuring that the Ease...

CVE-2020-13837

An issue was discovered on Samsung mobile devices with Q10.0 software. The Lockscreen feature does not block Quick Panel access to Music Share. The Samsung ID is SVE-2020-17145 June 2020...