28 matches found
CVE-2023-21495
Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set...
CVE-2023-21499
Out-of-bounds write vulnerability in TACommunicationmposencryptpin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...
CVE-2023-21484
Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation...
Improper access control
Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation...
Improper access control
Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege...
Input validation
Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox...
Cross site scripting
Out-of-bounds write vulnerability in TACommunicationmposencryptpin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...
Improper access control
Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager...
Buffer overflow
Potential buffer overflow vulnerability in mmPlmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access...
CVE-2023-21499
Out-of-bounds write vulnerability in TACommunicationmposencryptpin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...
CVE-2023-21501
Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...
CVE-2023-21493
CVE-2023-21493 affects SemShareFileProvider prior to SMR May-2023 Release 1. The vulnerability is an improper access-control issue that enables local attackers to access protected data. Root cause is insufficient access restrictions on SemShareFileProvider components. Affected software is SemShar...
CVE-2023-21497
Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address...
CVE-2023-21495
CVE-2023-21495 concerns an improper access control bug in the Knox Enrollment Service on Samsung devices, prior to SMR May-2023 Release 1. The issue could allow an attacker to install a KSP app when device admin is set. Root cause: access control weakness in Knox Enrollment Service. Severity metr...
CVE-2023-21496
CVE-2023-21496 affects ActivityManagerService in Android/Samsung devices. Affected: ActivityManagerService versions prior to SMR May-2023 Release 1. Issue: Active Debug Code vulnerability allows an attacker to use a debug function by setting the debug level. Evidence of patching: Samsung/Google s...
CVE-2023-21486
CVE-2023-21486 concerns an improper export of Android components in ImagePreviewActivity within Samsung Call Settings, enabling a physical attacker to access certain media data in sandbox. The issue is tied to specific Samsung SMR May-2023 Release 1 updates; remediation is provided via the May-20...
CVE-2023-21501
The CVE-2023-21501 entry concerns Samsung mobile devices where an improper input validation vulnerability in the mPOS fiserve trustlet (pre-SMR May-2023 Release 1) permits a local attacker to execute arbitrary code. Affected component: mPOS fiserve trustlet; root cause: inadequate input validatio...
CVE-2023-21499
The vulnerability CVE-2023-21499 affects the mPOS TUI trustlet on Samsung devices, specifically the TA_Communication_mpos_encrypt_pin function. It is an out-of-bounds write in this component prior to SMR May-2023 Release 1, enabling local attackers to execute arbitrary code. Exploitation details ...
CVE-2023-21489
Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code...
CVE-2023-21493
Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data...