Lucene search
K

19 matches found

NVD
NVD
added 2023/02/09 7:15 p.m.19 views

CVE-2023-21427

Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition...

6.5CVSS5.7AI score0.00256EPSS
Exploits0References1
NVD
NVD
added 2023/02/09 7:15 p.m.30 views

CVE-2023-21430

An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault...

7.8CVSS5.4AI score0.00178EPSS
Exploits0References1
NVD
NVD
added 2023/02/09 7:15 p.m.16 views

CVE-2023-21428

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code...

4CVSS4.2AI score0.00169EPSS
Exploits0References1
NVD
NVD
added 2023/02/09 7:15 p.m.28 views

CVE-2023-21420

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution...

7.8CVSS7.8AI score0.00205EPSS
Exploits0References1
NVD
NVD
added 2023/02/09 7:15 p.m.41 views

CVE-2023-21421

Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References1
Prion
Prion
added 2023/02/09 7:15 p.m.20 views

Authorization

Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService...

1.7CVSS5.4AI score0.0015EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/02/09 7:15 p.m.22 views

Format string

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution...

4.3CVSS8AI score0.00205EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/02/09 7:15 p.m.23 views

Design/Logic Flaw

An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault...

4.3CVSS7.4AI score0.00178EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/09 12:0 a.m.23 views

CVE-2023-21419

An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition...

4.3CVSS7.6AI score0.00237EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/09 12:0 a.m.4 views

PT-2023-18194 · Nfctile · Nfctile

Name of the Vulnerable Software and Affected Versions: NfcTile versions prior to SMR Jan-2023 Release 1 Description: The issue is related to improper access control, allowing an attacker to use NFC without user recognition. Recommendations: For versions prior to SMR Jan-2023 Release 1, update to...

6.5CVSS6.3AI score0.00256EPSS
Exploits0References2
CVE
CVE
added 2023/02/09 12:0 a.m.61 views

CVE-2023-21422

The CVE-2023-21422 entry relates to Samsung’s WifiSevice, where the function semAddPublicDnsAddr allows binding the WifiService to set a custom DNS server without permission. Affected are WifiSevice versions prior to SMR Jan-2023 Release 1. The root cause is improper authorization in semAddPublic...

5.7CVSS5.4AI score0.0015EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/02/09 12:0 a.m.59 views

CVE-2023-21428

CVE-2023-21428 affects TelephonyUI prior to SMR Jan-2023 Release 1. The issue is due to improper input validation, allowing an attacker to configure Preferred Call. The patch reportedly removes unused code. Impact per available data includes local access with low to moderate severity (I/L, A/N). ...

4CVSS4.1AI score0.00169EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/02/09 12:0 a.m.47 views

CVE-2023-21421

CVE-2023-21421 concerns the KnoxCustomManagerService on Samsung devices prior to the SMR Jan-2023 Release 1. The issue arises from improper handling of insufficient permissions or privileges, enabling a local attacker with low privileges to access the device’s SIM PIN. The red flags indicate a lo...

7.8CVSS7.5AI score0.00157EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/09 12:0 a.m.29 views

CVE-2023-21430

An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault...

4.4CVSS7.6AI score0.00178EPSS
Exploits0References1
CVE
CVE
added 2023/02/09 12:0 a.m.51 views

CVE-2023-21423

CVE-2023-21423 affects Samsung ChnFileShareKit prior to SMR Jan-2023 Release 1. The root cause is improper authorization, enabling an attacker to control BLE advertising without permission via an unprotected action. Impact is described as local control with confidentiality and integrity implicati...

5.5CVSS5.4AI score0.0015EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/02/09 12:0 a.m.68 views

CVE-2023-21424

The CVE-2023-21424 issue affects SemChameleonHelper prior to SMR Jan-2023 Release 1, due to improper handling of insufficient permissions/privileges. An attacker could modify network-related values, network code, carrier ID and operator brand. Impact is limited to local context with low base metr...

5.1CVSS4.1AI score0.00151EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/02/09 12:0 a.m.54 views

CVE-2023-21426

The CVE-2023-21426 vulnerability affects Samsung mobile devices running SMR prior to Jan-2023 Release 1, where a hardcoded AES key is used to encrypt card emulation PINs in NFC. The root cause is the hardcoded key in the NFC card emulation workflow, enabling local attackers to access cardemulatio...

5.5CVSS5.4AI score0.00158EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/02/09 12:0 a.m.32 views

CVE-2023-21429

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID...

4CVSS4.6AI score0.00156EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/09 12:0 a.m.31 views

CVE-2023-21421

Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN...

5.9CVSS7.7AI score0.00157EPSS
Exploits0References1
Rows per page
Query Builder