Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-28 | CVE-2023-21517 | Out-of-bounds Write vulnerability in Samsung Exynos Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. | 9.8 |
| 2023-06-28 | CVE-2023-21518 | Unspecified vulnerability in Samsung Searchwidget 2.3.00.6 Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity. | 7.8 |
| 2023-06-07 | CVE-2023-31114 | Incorrect Resource Transfer Between Spheres vulnerability in Samsung Exynos 5123 Firmware and Exynos 5300 Firmware An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. | 9.1 |
| 2023-06-07 | CVE-2023-31115 | Incorrect Resource Transfer Between Spheres vulnerability in Samsung Exynos 5123 Firmware and Exynos 5300 Firmware An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. | 7.5 |
| 2023-06-07 | CVE-2023-31116 | Incorrect Default Permissions vulnerability in Samsung Exynos 5123 Firmware and Exynos 5300 Firmware An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. | 9.8 |
| 2023-05-26 | CVE-2023-21514 | Improper Input Validation vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | 8.8 |
| 2023-05-26 | CVE-2023-21515 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | 8.8 |
| 2023-05-26 | CVE-2023-21516 | Cross-site Scripting vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | 9.6 |
| 2023-05-09 | CVE-2023-29092 | Improper Handling of Exceptional Conditions vulnerability in Samsung products An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. | 7.8 |
| 2023-05-04 | CVE-2023-21484 | Improper Authentication vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation. | 7.8 |