29 matches found
CVE-2022-25822
An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash...
CVE-2022-25821
Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read...
CVE-2022-25814
PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent...
Spoofing
PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent...
Authentication flaw
Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to generate pinned-shortcut without user consent...
Spoofing
PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent...
CVE-2022-24932
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard...
CVE-2022-24928
Security misconfiguration of RKP in kernel prior to SMR Mar-2022 Release 1 allows a system not to be protected by RKP...
Input validation
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard...
Improper access control
Improper access control vulnerability in dynamic receiver in ApkInstaller prior to SMR MAR-2022 Release allows unauthorized attackers to execute arbitrary activity without a proper permission...
Authentication flaw
Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the list of locked app without authentication...
CVE-2022-25822
Technical details about CVE-2022-25822 are not publicly available in the provided documents; monitor for updates.
CVE-2022-25821
CVE-2022-25821 affects Samsung’s Shannon baseband (SMS handling). The vulnerability arises from improper use of the SMS buffer pointer, enabling an out-of-bounds read. Public sources describe impact as read access to memory due to buffer mismanagement in Shannon baseband prior to SMR Mar-2022 Rel...
CVE-2022-25821
Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read...
CVE-2022-25820
CVE-2022-25820 concerns Samsung’s fingerprint matching algorithm, with a vulnerable design present before SMR Mar-2022 Release 1. It enables a physical attacker to brute-force a screen-lock password. The issue is linked to local access and high confidentiality impact per CVSS 3.1 metrics. A fix i...
CVE-2022-25820
A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password...
CVE-2022-25819
CVE-2022-25819 is an OOB read vulnerability in the hdcp2 device node prior to Samsung SMR Mar-2022 Release 1, allowing an attacker to view kernel stack memory. Affected component: hdcp2 device node; root cause: out-of-bounds read. Impact: potential kernel memory exposure. Remediation: Samsung pro...
CVE-2022-25818
CVE-2022-25818 affects the Samsung UWB stack (prior to SMR Mar-2022 Release 1). The issue is an improper boundary check in the UWB implementation that enables arbitrary code execution. Public details across connected records confirm the vulnerability exists in Samsung/UWB, with mitigation via Sam...
CVE-2022-25818
Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution...
CVE-2022-25816
Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1 allows attacker to change enable/disable without authentication...