Lucene search

K
SamsungAndroid11.0

137 matches found

CVE
CVE
added 2023/08/10 2:15 a.m.43 views

CVE-2023-30700

PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission.

5.3CVSS4AI score0.00067EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.43 views

CVE-2023-30721

Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log.

4.4CVSS4.3AI score0.00065EPSS
CVE
CVE
added 2023/03/16 9:15 p.m.42 views

CVE-2023-21457

Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission.

8.1CVSS7.9AI score0.00038EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.42 views

CVE-2023-30654

Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.

6.7CVSS5.3AI score0.00024EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.42 views

CVE-2023-30679

Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code.

7.8CVSS7.7AI score0.00049EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.42 views

CVE-2023-30715

Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.

4CVSS4AI score0.00149EPSS
CVE
CVE
added 2024/03/05 8:15 a.m.42 views

CVE-2024-20833

Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption.

6.4CVSS4.7AI score0.00053EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.41 views

CVE-2023-21428

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.

4CVSS4.1AI score0.00033EPSS
CVE
CVE
added 2023/03/16 9:15 p.m.41 views

CVE-2023-21449

Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission.

5.5CVSS5.2AI score0.0006EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.41 views

CVE-2023-30686

Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00029EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.41 views

CVE-2023-30696

An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

7.8CVSS7.4AI score0.00028EPSS
CVE
CVE
added 2024/01/04 1:15 a.m.41 views

CVE-2024-20803

Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.

6.8CVSS6.6AI score0.00093EPSS
CVE
CVE
added 2024/02/06 3:15 a.m.41 views

CVE-2024-20813

Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.

8.4CVSS7.7AI score0.00153EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.39 views

CVE-2023-30720

PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access.

5.5CVSS5.6AI score0.001EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.38 views

CVE-2023-21445

Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent.

7.8CVSS7.3AI score0.00035EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.38 views

CVE-2023-21446

Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles.

6.2CVSS5.3AI score0.0004EPSS
CVE
CVE
added 2023/06/28 9:15 p.m.38 views

CVE-2023-21513

Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition.

6.8CVSS6.4AI score0.00156EPSS
CVE
CVE
added 2023/07/06 3:15 a.m.38 views

CVE-2023-30649

Heap out of bound write vulnerability in RmtUimNeedApdu of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.

7.8CVSS7.9AI score0.00066EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.38 views

CVE-2023-30706

Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege.

7.5CVSS5.1AI score0.00259EPSS
CVE
CVE
added 2023/05/04 9:15 p.m.37 views

CVE-2023-21486

Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox.

5.3CVSS4.5AI score0.00072EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.37 views

CVE-2023-30687

Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00029EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.37 views

CVE-2023-30701

PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access.

5.5CVSS5.4AI score0.00054EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.37 views

CVE-2023-30717

Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers.

4CVSS4AI score0.00149EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.37 views

CVE-2023-30718

Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting.

4CVSS3.9AI score0.00074EPSS
CVE
CVE
added 2024/02/06 3:15 a.m.37 views

CVE-2024-20812

Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.

8.4CVSS7.7AI score0.00064EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.36 views

CVE-2023-21420

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution.

7.8CVSS8AI score0.00074EPSS
CVE
CVE
added 2023/05/04 9:15 p.m.36 views

CVE-2023-21487

Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting.

5.1CVSS4AI score0.00032EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.36 views

CVE-2023-30710

Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities.

8.5CVSS7.3AI score0.00076EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.36 views

CVE-2023-30711

Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider.

4CVSS4.4AI score0.00123EPSS
CVE
CVE
added 2024/01/04 1:15 a.m.36 views

CVE-2024-20806

Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data.

6.2CVSS5.3AI score0.00054EPSS
CVE
CVE
added 2024/02/06 3:15 a.m.36 views

CVE-2024-20816

Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.

8CVSS6.5AI score0.00086EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.35 views

CVE-2023-21430

An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault.

7.8CVSS7.3AI score0.0004EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.35 views

CVE-2023-21435

Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log.

5.5CVSS5.3AI score0.00051EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.35 views

CVE-2023-21442

Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information.

5.5CVSS5.3AI score0.00054EPSS
CVE
CVE
added 2023/07/06 3:15 a.m.35 views

CVE-2023-30644

Stack out of bound write vulnerability in CdmaSmsParser of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.

7.8CVSS7.9AI score0.00087EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.35 views

CVE-2023-30707

Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege.

7.1CVSS6.8AI score0.00046EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.35 views

CVE-2023-30713

Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock.

6.2CVSS5.4AI score0.00074EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.35 views

CVE-2023-30716

Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands.

5.5CVSS5.4AI score0.00111EPSS
CVE
CVE
added 2023/03/16 9:15 p.m.34 views

CVE-2023-21452

Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device.

3.3CVSS4.1AI score0.00084EPSS
CVE
CVE
added 2023/05/04 9:15 p.m.34 views

CVE-2023-21484

Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation.

7.8CVSS7.4AI score0.00027EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.34 views

CVE-2023-30709

Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege.

7.9CVSS6.3AI score0.00065EPSS
CVE
CVE
added 2023/11/07 8:15 a.m.34 views

CVE-2023-42529

Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code.

7.8CVSS7.7AI score0.00049EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.33 views

CVE-2023-21425

Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information.

5.5CVSS5.3AI score0.00056EPSS
CVE
CVE
added 2023/05/04 9:15 p.m.33 views

CVE-2023-21493

Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data.

6.8CVSS5.3AI score0.00048EPSS
CVE
CVE
added 2023/07/06 3:15 a.m.33 views

CVE-2023-30663

Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.

7.8CVSS7.3AI score0.00042EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.33 views

CVE-2023-30699

Out-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remote attackers.

9.8CVSS9.5AI score0.02241EPSS
CVE
CVE
added 2024/02/06 3:15 a.m.33 views

CVE-2024-20815

Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.

8CVSS6.5AI score0.00152EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.32 views

CVE-2023-21421

Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN.

7.8CVSS7.5AI score0.00037EPSS
CVE
CVE
added 2023/03/16 9:15 p.m.32 views

CVE-2023-21454

Improper authorization in Samsung Keyboard prior to SMR Mar-2023 Release 1 allows physical attacker to access users text history on the lockscreen.

2.4CVSS3.8AI score0.00108EPSS
CVE
CVE
added 2023/03/16 9:15 p.m.32 views

CVE-2023-21461

Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity.

5.5CVSS5.3AI score0.00039EPSS
Total number of security vulnerabilities137