Lucene search
+L

28 matches found

NVD
NVD
added 2023/05/04 9:15 p.m.27 views

CVE-2023-21495

Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set...

5.5CVSS4.7AI score0.00151EPSS
Exploits0References1
NVD
NVD
added 2023/05/04 9:15 p.m.19 views

CVE-2023-21499

Out-of-bounds write vulnerability in TACommunicationmposencryptpin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...

8.2CVSS8.3AI score0.0019EPSS
Exploits0References1
NVD
NVD
added 2023/05/04 9:15 p.m.32 views

CVE-2023-21484

Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation...

7.8CVSS5.9AI score0.00148EPSS
Exploits0References1
Prion
Prion
added 2023/05/04 9:15 p.m.16 views

Buffer overflow

Potential buffer overflow vulnerability in mmPlmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access...

7.5CVSS9.5AI score0.00624EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/05/04 9:15 p.m.21 views

Improper access control

Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege...

4.3CVSS7.5AI score0.00152EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/05/04 9:15 p.m.15 views

Improper access control

Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager...

3.2CVSS6.7AI score0.00128EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/05/04 9:15 p.m.19 views

Cross site scripting

Out-of-bounds write vulnerability in TACommunicationmposencryptpin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...

4.3CVSS7.8AI score0.0019EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/05/04 9:15 p.m.18 views

Input validation

Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox...

2.1CVSS4.6AI score0.0025EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/05/04 9:15 p.m.23 views

Improper access control

Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation...

4.3CVSS7.4AI score0.00148EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/04 12:0 a.m.29 views

CVE-2023-21501

Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code...

8.2CVSS8.5AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 2023/05/04 12:0 a.m.46 views

CVE-2023-21493

CVE-2023-21493 affects SemShareFileProvider prior to SMR May-2023 Release 1. The vulnerability is an improper access-control issue that enables local attackers to access protected data. Root cause is insufficient access restrictions on SemShareFileProvider components. Affected software is SemShar...

6.8CVSS5.3AI score0.00151EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/04 12:0 a.m.10 views

CVE-2023-21497

Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address...

4.4CVSS7.5AI score0.00179EPSS
Exploits0References1
CVE
CVE
added 2023/05/04 12:0 a.m.44 views

CVE-2023-21496

CVE-2023-21496 affects ActivityManagerService in Android/Samsung devices. Affected: ActivityManagerService versions prior to SMR May-2023 Release 1. Issue: Active Debug Code vulnerability allows an attacker to use a debug function by setting the debug level. Evidence of patching: Samsung/Google s...

6.1CVSS5.5AI score0.00176EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/04 12:0 a.m.47 views

CVE-2023-21495

CVE-2023-21495 concerns an improper access control bug in the Knox Enrollment Service on Samsung devices, prior to SMR May-2023 Release 1. The issue could allow an attacker to install a KSP app when device admin is set. Root cause: access control weakness in Knox Enrollment Service. Severity metr...

5.5CVSS5.4AI score0.00151EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/04 12:0 a.m.51 views

CVE-2023-21498

CVE-2023-21498 concerns Samsung’s mPOS TUI trustlet. The vulnerability is an improper input validation flaw in the function setPartnerTAInfo, which can allow a local attacker to overwrite trustlet memory. The issue is addressed in the SMR May-2023 Release 1 or later (per multiple sources in the c...

7.8CVSS7.4AI score0.00179EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/04 12:0 a.m.47 views

CVE-2023-21501

The CVE-2023-21501 entry concerns Samsung mobile devices where an improper input validation vulnerability in the mPOS fiserve trustlet (pre-SMR May-2023 Release 1) permits a local attacker to execute arbitrary code. Affected component: mPOS fiserve trustlet; root cause: inadequate input validatio...

8.2CVSS7.7AI score0.0019EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/04 12:0 a.m.49 views

CVE-2023-21485

CVE-2023-21485 describes an issue in Android/Samsung devices where the vulnerability occurs in the VideoPreviewActivity within Call Settings, allowing a physical attacker to access some media data stored in the device sandbox. The core problem is an improper export of Android application componen...

5.3CVSS4.5AI score0.0025EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/04 12:0 a.m.42 views

CVE-2023-21504

CVE-2023-21504 affects Shannon baseband, specifically the mm_Plmncoordination.c module. A potential buffer overflow exists in Shannon baseband prior to SMR May-2023 Release 1, allowing remote attackers to cause invalid memory access. Root cause: issues in the mm_Plmncoordination.c implementation ...

9.8CVSS9.5AI score0.00624EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/04 12:0 a.m.12 views

PT-2023-18251 · Unknown · Mpos Tui Trustlet

Name of the Vulnerable Software and Affected Versions: mPOS TUI trustlet versions prior to SMR May-2023 Release 1 Description: The issue allows local attackers to access the memory address due to the use of an externally-controlled format string vulnerability in the mPOS TUI trustlet...

7.8CVSS7.5AI score0.00179EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/05/04 12:0 a.m.27 views

CVE-2023-21489

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code...

7.1CVSS7.3AI score0.00267EPSS
Exploits0References1
Rows per page
Query Builder