Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-42573 | Unspecified vulnerability in Samsung Search Widget PendingIntent hijacking vulnerability in Search Widget prior to version 3.4 in China models allows local attackers to access data. | 5.5 |
| 2023-12-05 | CVE-2023-42574 | Unspecified vulnerability in Samsung Gamehomecn Improper access control vulnerablility in GameHomeCN prior to version 4.2.60.2 allows local attackers to launch arbitrary activity in GameHomeCN. | 7.8 |
| 2023-12-05 | CVE-2023-42575 | Incorrect Authorization vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting. | 6.8 |
| 2023-12-05 | CVE-2023-42576 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler. | 6.8 |
| 2023-12-05 | CVE-2023-42577 | Unspecified vulnerability in Samsung Voice Recorder 21.4.15.01 Improper Access Control in Samsung Voice Recorder prior to versions 21.4.15.01 in Android 12 and Android 13, 21.4.50.17 in Android 14 allows physical attackers to access Voice Recorder information on the lock screen. low complexity samsung | 2.4 |
| 2023-12-05 | CVE-2023-42578 | Improper Handling of Exceptional Conditions vulnerability in Samsung Cloud 4.7.0.3/5.1.0.8/5.2.00.7 Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5.2.00.7 allows remote attackers to access location information without permission. | 7.5 |
| 2023-12-05 | CVE-2023-42579 | Cleartext Transmission of Sensitive Information vulnerability in Samsung Keyboard Improper usage of insecure protocol (i.e. | 5.3 |
| 2023-12-05 | CVE-2023-42580 | Unspecified vulnerability in Samsung Galaxy Store Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store. | 9.8 |
| 2023-12-05 | CVE-2023-42581 | Unspecified vulnerability in Samsung Galaxy Store Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data. | 7.5 |
| 2023-11-08 | CVE-2023-41111 | Out-of-bounds Write vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). | 7.5 |