CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2023/02/09 7:15 p.m.•14 views

CVE-2023-21438

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder...

2.4CVSS3.3AI score0.0023EPSS

OSV•added 2023/02/09 7:15 p.m.•2 views

CVE-2023-21419

An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition...

7.5CVSS5.8AI score0.00237EPSS

NVD•added 2023/02/09 7:15 p.m.•11 views

CVE-2023-21419

An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition...

7.5CVSS5.2AI score0.00237EPSS

Prion•added 2023/02/09 7:15 p.m.•22 views

Input validation

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder...

2.1CVSS3.8AI score0.0023EPSS

Prion•added 2023/02/09 7:15 p.m.•23 views

Design/Logic Flaw

An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition...

5CVSS7.4AI score0.00237EPSS

Cvelist•added 2023/02/09 12:0 a.m.•15 views

CVE-2023-21419

An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition...

4.3CVSS7.6AI score0.00237EPSS

Vulnrichment•added 2023/02/09 12:0 a.m.•7 views

CVE-2023-21438

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder...

2.1CVSS6.7AI score0.0023EPSS

CVE•added 2023/02/09 12:0 a.m.•57 views

CVE-2023-21438

CVE-2023-21438 : Samsung Mobile devices with affected HomeScreen prior to SMR Feb-2023 Release 1 expose a logic flaw that lets a physical attacker access an App preview guarded by Secure Folder. The issue is described as improper logic in HomeScreen, enabling access to protected previews. Public ...

2.4CVSS3.7AI score0.0023EPSS

Vulnrichment•added 2023/02/09 12:0 a.m.•6 views

CVE-2023-21419

An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition...

4.3CVSS7AI score0.00237EPSS

Positive Technologies•added 2023/02/09 12:0 a.m.•3 views

PT-2023-18186 · Samsung · Secure Folder

Name of the Vulnerable Software and Affected Versions: Secure Folder versions prior to SMR Jan-2023 Release 1 Description: The issue is caused by an improper implementation logic in Secure Folder, which allows the Secure Folder container to remain unlocked under certain conditions. Recommendation...

7.5CVSS7.3AI score0.00237EPSS

Exploits0References3

CVE•added 2023/02/09 12:0 a.m.•66 views

CVE-2023-21419

CVE-2023-21419 describes an issue in Samsung Secure Folder where improper implementation logic can cause the Secure Folder container to remain unlocked under certain conditions. Affected software: Secure Folder on Samsung devices (prior to SMR Jan-2023 Release 1). Root cause: implementation flaw ...

7.5CVSS7.4AI score0.00237EPSS

Cvelist•added 2023/02/09 12:0 a.m.•18 views

CVE-2023-21438

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder...

2.1CVSS3.8AI score0.0023EPSS

CNNVD•added 2023/02/09 12:0 a.m.•4 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from South Korea's Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from the implementation logic of Secure Folder that allows it to remain unlocked under...

7.5CVSS7.3AI score0.00237EPSS

Exploits0References2

ATTACKERKB•added 2023/02/08 2:15 a.m.•0 views

CVE-2023-0720

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajaxsavefolderorder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke...

5.4CVSS5.9AI score0.00576EPSS

ATTACKERKB•added 2023/02/08 2:15 a.m.•2 views

CVE-2023-0717

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajaxdeletefolder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke th...

5.4CVSS5.9AI score0.00576EPSS

ATTACKERKB•added 2023/02/08 2:15 a.m.•3 views

CVE-2023-0716

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajaxeditfolder function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this...

5.4CVSS5.9AI score0.00576EPSS

ATTACKERKB•added 2023/02/08 2:15 a.m.•1 views

CVE-2023-0722

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajaxsavestate function. This makes it possible for unauthenticated attackers to invoke this function via forge...

5.4CVSS5.8AI score0.00308EPSS