Lucene search

K
SamsungAndroid

45 matches found

CVE
CVE
added 2023/08/10 2:15 a.m.2491 views

CVE-2023-30683

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call endCall API without permission.

4.3CVSS4AI score0.00044EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.2491 views

CVE-2023-30684

Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission.

4.3CVSS4AI score0.00044EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.2490 views

CVE-2023-30682

Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API without permission.

4.3CVSS4AI score0.00044EPSS
CVE
CVE
added 2023/05/04 9:15 p.m.538 views

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.

4.4CVSS4.9AI score0.00494EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.63 views

CVE-2024-34650

Incorrect authorization in CocktailbarService prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to Edge panel.

4CVSS6.8AI score0.00037EPSS
CVE
CVE
added 2025/02/04 8:15 a.m.55 views

CVE-2025-20884

Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.

4.6CVSS4.6AI score0.00031EPSS
CVE
CVE
added 2025/02/04 8:15 a.m.53 views

CVE-2025-20886

Inclusion of sensitive information in test code in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key.

4.4CVSS4.2AI score0.00016EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.50 views

CVE-2024-20900

Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers to enter MTP mode without proper authentication.

4CVSS7AI score0.00024EPSS
CVE
CVE
added 2025/02/04 8:15 a.m.49 views

CVE-2025-20883

Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.

4.6CVSS6.8AI score0.00031EPSS
CVE
CVE
added 2024/04/02 3:15 a.m.48 views

CVE-2024-20847

Improper Access Control vulnerability in StorageManagerService prior to SMR Apr-2024 Release 1 allows local attackers to read sdcard information.

4CVSS6.4AI score0.00081EPSS
CVE
CVE
added 2023/03/16 9:15 p.m.47 views

CVE-2023-21460

Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting.

4.4CVSS4.8AI score0.00041EPSS
CVE
CVE
added 2024/05/07 5:15 a.m.47 views

CVE-2024-20856

Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows physical attackers to access Secure Folder without proper authentication in a specific scenario.

4.3CVSS6.6AI score0.00153EPSS
CVE
CVE
added 2024/05/07 5:15 a.m.47 views

CVE-2024-20860

Improper export of android application components vulnerability in TelephonyUI prior to SMR May-2024 Release 1 allows local attackers to reboot the device without proper permission.

4CVSS6.5AI score0.00086EPSS
CVE
CVE
added 2023/08/10 2:15 a.m.44 views

CVE-2023-30685

Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mode.

4.3CVSS4AI score0.00064EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.43 views

CVE-2023-30721

Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log.

4.4CVSS4.3AI score0.00065EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.43 views

CVE-2024-49402

Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles.

4.6CVSS4.7AI score0.00043EPSS
CVE
CVE
added 2025/05/07 9:15 a.m.43 views

CVE-2025-20960

Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api.

4CVSS4AI score0.00022EPSS
CVE
CVE
added 2025/05/07 9:15 a.m.43 views

CVE-2025-20962

Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position.

4CVSS4.1AI score0.00021EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.42 views

CVE-2023-30715

Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.

4CVSS4AI score0.00149EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.42 views

CVE-2024-34674

Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.

4.6CVSS4.6AI score0.00043EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.41 views

CVE-2023-21428

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code.

4CVSS4.1AI score0.00033EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.41 views

CVE-2024-34677

Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.

4CVSS4.1AI score0.00032EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.40 views

CVE-2024-34583

Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers to get device identifier.

4CVSS6.8AI score0.00041EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.40 views

CVE-2024-34652

Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage.

4CVSS6.6AI score0.00037EPSS
CVE
CVE
added 2024/12/03 6:15 a.m.39 views

CVE-2024-49411

Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege.

4.6CVSS4.7AI score0.00039EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.38 views

CVE-2024-20894

Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authentication under certain condition. User interaction is required for triggering this vulnerability.

4.3CVSS7AI score0.00041EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.37 views

CVE-2023-30717

Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers.

4CVSS4AI score0.00149EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.37 views

CVE-2023-30718

Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting.

4CVSS3.9AI score0.00074EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.37 views

CVE-2024-34675

Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.

4.6CVSS3.6AI score0.00041EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.36 views

CVE-2023-30711

Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider.

4CVSS4.4AI score0.00123EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.36 views

CVE-2024-34642

Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information.

4.6CVSS6.7AI score0.00056EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.36 views

CVE-2024-34653

Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access directories with My Files' privilege.

4.6CVSS6.8AI score0.0008EPSS
CVE
CVE
added 2025/05/07 9:15 a.m.36 views

CVE-2025-20958

Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors.

4.4CVSS4.6AI score0.00023EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.35 views

CVE-2024-34639

Improper handling of exceptional conditions in Setupwizard prior to SMR Aug-2024 Release 1 allows physical attackers to bypass proper validation.

4.6CVSS6.8AI score0.00065EPSS
CVE
CVE
added 2023/07/06 3:15 a.m.33 views

CVE-2023-30641

Improper access control vulnerability in Settings prior to SMR Jul-2023 Release 1 allows physical attacker to use restricted user profile to access device owner's google account data.

4.3CVSS4.4AI score0.0009EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.32 views

CVE-2023-30719

Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data.

4CVSS4AI score0.0011EPSS
CVE
CVE
added 2023/02/09 7:15 p.m.30 views

CVE-2023-21429

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID.

4CVSS4.1AI score0.00088EPSS
CVE
CVE
added 2023/09/06 4:15 a.m.25 views

CVE-2023-30714

Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock.

4.6CVSS4.5AI score0.00144EPSS
CVE
CVE
added 2023/07/06 3:15 a.m.24 views

CVE-2023-30640

Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1 allows local attackers to change confiugration.

4.3CVSS4AI score0.00047EPSS
CVE
CVE
added 2024/06/04 7:15 a.m.23 views

CVE-2024-20882

Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access.

4.6CVSS6.8AI score0.00227EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.22 views

CVE-2023-42569

Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji.

4CVSS4.1AI score0.00113EPSS
CVE
CVE
added 2023/07/06 3:15 a.m.20 views

CVE-2023-30665

Improper input validation vulnerability in OnOemServiceMode in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds read.

4.4CVSS4.6AI score0.00049EPSS
CVE
CVE
added 2024/08/07 2:15 a.m.20 views

CVE-2024-34617

Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.

4CVSS4.3AI score0.00039EPSS
CVE
CVE
added 2024/08/07 2:15 a.m.18 views

CVE-2024-34618

Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information.

4CVSS4.2AI score0.00041EPSS
CVE
CVE
added 2025/07/08 11:15 a.m.6 views

CVE-2025-20999

Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password.

4.1CVSS6.7AI score0.00014EPSS