Lucene search

K
SamsungAndroid13.0

286 matches found

CVE
CVE
added 2025/05/07 9:15 a.m.43 views

CVE-2025-20962

Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position.

4CVSS4.1AI score0.00021EPSS
CVE
CVE
added 2025/05/07 9:15 a.m.43 views

CVE-2025-20963

Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.

7.8CVSS6.3AI score0.00021EPSS
CVE
CVE
added 2023/03/16 9:15 p.m.42 views

CVE-2023-21453

Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data.

6CVSS5.3AI score0.00023EPSS
CVE
CVE
added 2023/03/16 9:15 p.m.42 views

CVE-2023-21457

Improper access control vulnerability in Bluetooth prior to SMR Mar-2023 Release 1 allows attackers to send file via Bluetooth without related permission.

8.1CVSS7.9AI score0.00038EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.42 views

CVE-2023-30654

Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.

6.7CVSS5.3AI score0.00024EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.42 views

CVE-2023-30679

Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code.

7.8CVSS7.7AI score0.00049EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.42 views

CVE-2023-30715

Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.

4CVSS4AI score0.00149EPSS
CVE
CVE
added 2024/03/05 8:15 a.m.42 views

CVE-2024-20833

Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption.

6.4CVSS4.7AI score0.00053EPSS
CVE
CVE
added 2024/04/02 3:15 a.m.42 views

CVE-2024-20849

Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code.

7.8CVSS7.3AI score0.0007EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.42 views

CVE-2024-34646

Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service.

6.6CVSS6.8AI score0.0004EPSS
CVE
CVE
added 2024/10/08 7:15 a.m.42 views

CVE-2024-34669

Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

8.8CVSS8.2AI score0.00567EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.42 views

CVE-2024-34674

Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.

4.6CVSS4.6AI score0.00043EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.41 views

CVE-2023-21428

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.

4CVSS4.1AI score0.00033EPSS
CVE
CVE
added 2023/05/04 9:15 p.m.41 views

CVE-2023-21503

Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.

9.8CVSS9.5AI score0.00571EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.41 views

CVE-2023-30686

Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00029EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.41 views

CVE-2023-30696

An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

7.8CVSS7.4AI score0.00028EPSS
CVE
CVE
added 2024/01/04 1:15 a.m.41 views

CVE-2024-20803

Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.

6.8CVSS6.6AI score0.00093EPSS
CVE
CVE
added 2024/02/06 3:15 a.m.41 views

CVE-2024-20813

Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.

8.4CVSS7.7AI score0.00153EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.41 views

CVE-2024-20889

Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair with devices.

5.9CVSS7.2AI score0.00036EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.41 views

CVE-2024-20899

Use of implicit intent for sensitive communication in RCS function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.

5.5CVSS6.8AI score0.00036EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.41 views

CVE-2024-34585

Improper access control in launchApp of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.

7.8CVSS6.8AI score0.00035EPSS
CVE
CVE
added 2024/10/08 7:15 a.m.41 views

CVE-2024-34666

Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

8.8CVSS8.1AI score0.00567EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.41 views

CVE-2024-34677

Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.

4CVSS4.1AI score0.00032EPSS
CVE
CVE
added 2025/05/07 9:15 a.m.41 views

CVE-2025-20937

Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

6.7CVSS6.3AI score0.00018EPSS
CVE
CVE
added 2023/07/06 3:15 a.m.40 views

CVE-2023-30671

Logic error in package installation via adb command prior to SMR Jul-2023 Release 1 allows local attackers to downgrade installed application.

6.3CVSS5.5AI score0.0003EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.40 views

CVE-2024-34583

Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers to get device identifier.

4CVSS6.8AI score0.00041EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.40 views

CVE-2024-34589

Improper input validation in parsing RTCP RR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.

6.5CVSS7.1AI score0.00297EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.40 views

CVE-2024-34591

Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.

5.3CVSS7.1AI score0.00297EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.40 views

CVE-2024-34592

Improper input validation in parsing RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.

5.3CVSS7.1AI score0.00297EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.40 views

CVE-2024-34593

Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

8.8CVSS8.2AI score0.006EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.40 views

CVE-2024-34641

Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration.

5.1CVSS6.8AI score0.00045EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.40 views

CVE-2024-34652

Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage.

4CVSS6.6AI score0.00037EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.40 views

CVE-2024-49401

Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities.

7.1CVSS5.1AI score0.00028EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.39 views

CVE-2023-30720

PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access.

5.5CVSS5.6AI score0.001EPSS
CVE
CVE
added 2023/10/04 4:15 a.m.39 views

CVE-2023-30732

Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number.

5.5CVSS4AI score0.00109EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.39 views

CVE-2024-34586

Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local attackers to configure Knox privacy policy.

5.9CVSS6.8AI score0.00043EPSS
CVE
CVE
added 2024/10/08 7:15 a.m.39 views

CVE-2024-34662

Improper access control in ActivityManager prior to SMR Oct-2024 Release 1 in select Android 12, 13 and SMR Sep-2024 Release 1 in select Android 14 allows local attackers to execute privileged behaviors.

7.8CVSS7.1AI score0.00033EPSS
CVE
CVE
added 2024/10/08 7:15 a.m.39 views

CVE-2024-34668

Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

8.8CVSS8.2AI score0.00567EPSS
CVE
CVE
added 2024/12/03 6:15 a.m.39 views

CVE-2024-49411

Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege.

4.6CVSS4.7AI score0.00039EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.38 views

CVE-2023-21423

Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.

5.5CVSS5.4AI score0.00044EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.38 views

CVE-2023-21445

Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent.

7.8CVSS7.3AI score0.00035EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.38 views

CVE-2023-21446

Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles.

6.2CVSS5.3AI score0.0004EPSS
CVE
CVE
added 2023/06/28 9:15 p.m.38 views

CVE-2023-21513

Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition.

6.8CVSS6.4AI score0.00156EPSS
CVE
CVE
added 2023/07/06 3:15 a.m.38 views

CVE-2023-30649

Heap out of bound write vulnerability in RmtUimNeedApdu of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.

7.8CVSS7.9AI score0.00066EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.38 views

CVE-2023-30706

Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege.

7.5CVSS5.1AI score0.00259EPSS
CVE
CVE
added 2024/04/02 3:15 a.m.38 views

CVE-2024-20843

Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code.

6.7CVSS7.4AI score0.0005EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.38 views

CVE-2024-20894

Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authentication under certain condition. User interaction is required for triggering this vulnerability.

4.3CVSS7AI score0.00041EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.38 views

CVE-2024-34645

Improper input validation in ThemeCenter prior to SMR Sep-2024 Release 1 allows physical attackers to install privileged applications.

6.1CVSS6.7AI score0.00059EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.38 views

CVE-2024-34651

Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files.

6.2CVSS6.8AI score0.00034EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.38 views

CVE-2024-34678

Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption.

7.8CVSS5.7AI score0.00033EPSS
Total number of security vulnerabilities286