18 matches found
CVE-2022-25822
An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash...
CVE-2022-25821
Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read...
CVE-2022-25814
PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent...
Spoofing
PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent...
CVE-2022-24932
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard...
CVE-2022-25822
Technical details about CVE-2022-25822 are not publicly available in the provided documents; monitor for updates.
CVE-2022-25821
CVE-2022-25821 affects Samsung’s Shannon baseband (SMS handling). The vulnerability arises from improper use of the SMS buffer pointer, enabling an out-of-bounds read. Public sources describe impact as read access to memory due to buffer mismanagement in Shannon baseband prior to SMR Mar-2022 Rel...
CVE-2022-25821
Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read...
CVE-2022-25820
CVE-2022-25820 concerns Samsung’s fingerprint matching algorithm, with a vulnerable design present before SMR Mar-2022 Release 1. It enables a physical attacker to brute-force a screen-lock password. The issue is linked to local access and high confidentiality impact per CVSS 3.1 metrics. A fix i...
CVE-2022-25820
A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password...
CVE-2022-25819
CVE-2022-25819 is an OOB read vulnerability in the hdcp2 device node prior to Samsung SMR Mar-2022 Release 1, allowing an attacker to view kernel stack memory. Affected component: hdcp2 device node; root cause: out-of-bounds read. Impact: potential kernel memory exposure. Remediation: Samsung pro...
CVE-2022-25818
Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution...
CVE-2022-25818
CVE-2022-25818 affects the Samsung UWB stack (prior to SMR Mar-2022 Release 1). The issue is an improper boundary check in the UWB implementation that enables arbitrary code execution. Public details across connected records confirm the vulnerability exists in Samsung/UWB, with mitigation via Sam...
CVE-2022-25814
The CVE-2022-25814 entry describes a local PendingIntent hijacking flaw in Wearable Manager Installer (Android) prior to Samsung SMR Mar-2022 Release 1. Root cause: hijack of PendingIntent to cause unauthorized actions without permission. Affected component: Wearable Manager Installer. Impact per...
CVE-2022-25814
PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent...
CVE-2022-24932
The CVE-2022-24932 entry concerns Samsung Setup wizard: an Improper Protection of Alternate Path vulnerability in the Setup wizard process allows a physical attacker to install packages before the wizard completes. Affected versions are Setup wizard versions prior to SMR Mar-2022 Release 1. The u...
CVE-2022-24929
Unprotected Activity in AppLock prior to SMR Mar-2022 Release 1 allows attacker to change the list of locked app without authentication...
CVE-2022-24928
CVE-2022-24928 describes a security misconfiguration in Samsung’s RKP (kernel protection) mechanism prior to the SMR Mar-2022 Release 1. The root cause is a misconfiguration that leaves the system not protected by RKP. As a result, confidentiality, integrity, and availability can be affected on a...