213680 matches found
Authentication flaw
An issue was discovered in Ericsson Evolved Packet Gateway EPG versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell...
Design/Logic Flaw
Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSFdiscovery service. The service executable could be changed or the service could be deleted...
Input validation
Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, leading to denial of service...
Design/Logic Flaw
Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to loss of information, and information disclosure...
Design/Logic Flaw
Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption Denial of Service vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated user can cause the network to be flooded leading to Denial of Service for actual network...
Authentication flaw
An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...
Improper access control
Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local attackers to access arbitrary files with system privilege...
Design/Logic Flaw
Transient DOS in Modem when a Beam switch request is made with a non-configured BWP...
Design/Logic Flaw
Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids...
Memory corruption
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments...
Memory corruption
Memory corruption while using the UIM diag command to get the operators name...
Heap overflow
Heap out-of-bounds write vulnerability in decmonoaudb of libsavsac.so prior to SMR Dec-2023 Release 1 allows an attacker to execute arbitrary code...
Information disclosure
Implicit intent hijacking vulnerability in Samsung Account Web SDK prior to version 1.5.24 allows attacker to get sensitive information...
Improper access control
Improper access control in knoxcustom service prior to SMR Dec-2023 Release 1 allows attacker to send broadcast with system privilege...
Memory corruption
Memory corruption while submitting a large list of sync points in an AUX command to the IOCTLKGSLGPUAUXCOMMAND...
Design/Logic Flaw
Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data...
Design/Logic Flaw
Transient DOS in Bluetooth Host while rfc slot allocation...
Input validation
Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store...
Design/Logic Flaw
Improper usage of insecure protocol i.e. HTTP in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middl...
Authentication flaw
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting...
Memory corruption
Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length...
Memory corruption
Memory Corruption in camera while installing a fd for a particular DMA buffer...
Memory corruption
Memory Corruption in Audio while invoking IOCTLs calls from the user-space...
Memory corruption
Memory Corruption in SPS Application while exporting public key in sorter TA...
Memory corruption
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache...
Memory corruption
Memory corruption while loading an ELF segment in TEE Kernel...
Memory corruption
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level...
Memory corruption
Memory corruption in HLOS while invoking IOCTL calls from user-space...
Memory corruption
Memory corruption in Kernel while parsing metadata...
Design/Logic Flaw
Transient DOS in Data modem while handling TLB control messages from the Network...
Memory corruption
Memory corruption in DSP Services during a remote call from HLOS to DSP...
Memory corruption
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size...
Design/Logic Flaw
Transient DOS in WLAN Firmware while processing a FTMR frame...
Information disclosure
Transient DOS while converting TWT Target Wake Time frame parameters in the OTA broadcast...
Code injection
Transient DOS while parsing WPA IES, when it is passed with length more than expected size...
Memory corruption
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call...
Memory corruption
Memory corruption in WLAN Host while processing RRM beacon on the AP...
Null pointer dereference
Transient DOS when processing a NULL buffer while parsing WLAN vdev...
Memory corruption
Memory corruption in Core while processing RX intent request...
Memory corruption
Memory corruption when processing cmd parameters while parsing vdev...
Information disclosure
Transient DOS while parsing a vender specific IE Information Element of reassociation response management frame...
Cross site scripting
Out of bounds write vulnerability in HDCP in HAL prior to SMR Dec-2023 Release 1 allows attacker to perform code execution...
Input validation
Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time...
Integer overflow
Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow...
Cross site scripting
Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code...
Improper access control
Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN...
Design/Logic Flaw
Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device...
Design/Logic Flaw
Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information...
Improper access control
Improper Access Control in Samsung Voice Recorder prior to versions 21.4.15.01 in Android 12 and Android 13, 21.4.50.17 in Android 14 allows physical attackers to access Voice Recorder information on the lock screen...
Stack overflow
Improper size check vulnerability in softsimd prior to SMR Dec-2023 Release 1 allows stack-based buffer overflow...