7 matches found
CVE-2026-21037
Samsung Members (pre-5.8.01.5) is affected by improper input validation that enables local attackers to access an arbitrary URL and launch an arbitrary activity with Samsung Members privileges. The root cause is insufficient input validation within the app, leading to privilege escalation on the ...
PT-2026-46921
Improper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity. User interaction is required for triggering this vulnerability...
PT-2026-46927
Name of the Vulnerable Software and Affected Versions Samsung Members versions prior to 5.8.01.5 Description Improper input validation allows local attackers to access arbitrary URLs and launch arbitrary activities using Samsung Members privileges. Recommendations Update to version 5.8.01.5 or...
PT-2026-25593
Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...
CVE-2023-21139
In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-33685
Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information...
CVE-2022-22292
Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity...