Vulnerabilidades en Samsung Mobile
1316 resultadosCVE-2021-25376LOWAn improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLEPSS 0.8%CVE-2022-22289MEDIUMImproper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information.EPSS 0.8%CVE-2022-33713—Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information.EPSS 0.8%CVE-2022-39902MEDIUMImproper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEIEPSS 0.8%CVE-2021-25419—Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in adEPSS 0.8%CVE-2021-25444—An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process.EPSS 0.8%CVE-2021-25445—Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in SamsuEPSS 0.8%CVE-2021-25490MEDIUMA keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged prEPSS 0.8%CVE-2021-25466MEDIUMImproper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and EPSS 0.7%CVE-2022-24924LOWAn improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a prEPSS 0.7%CVE-2021-25360CRITICALAn improper input validation vulnerability in libswmfextractor library prior to SMR APR-2021 Release 1 allows attackers to execute arbitraryEPSS 0.7%CVE-2022-33707—Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device.EPSS 0.7%CVE-2023-42578MEDIUMImproper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5.2.00.7 allows remote attaEPSS 0.7%CVE-2023-21494MEDIUMPotential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remoteEPSS 0.7%CVE-2021-25385CRITICALAn improper input validation vulnerability in sdfffd_parse_chunk_PROP() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows aEPSS 0.6%CVE-2021-25386CRITICALAn improper input validation vulnerability in sdfffd_parse_chunk_FVER() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows aEPSS 0.6%CVE-2024-34657HIGHStack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code.EPSS 0.6%CVE-2023-30699HIGHOut-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remotEPSS 0.6%CVE-2023-21503MEDIUMPotential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attaEPSS 0.6%CVE-2023-21504MEDIUMPotential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackersEPSS 0.6%