Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-09 | CVE-2023-21430 | Out-of-bounds Read vulnerability in Samsung Android 10.0/11.0 An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault. | 7.8 |
| 2023-02-09 | CVE-2023-21431 | Improper Input Validation vulnerability in Samsung Bixby Vision 3.7.50.6 Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision. | 3.3 |
| 2023-02-09 | CVE-2023-21432 | Unspecified vulnerability in Samsung Smart Things Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner. | 7.8 |
| 2023-02-09 | CVE-2023-21433 | Incorrect Default Permissions vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. | 7.8 |
| 2023-02-09 | CVE-2023-21434 | Cross-site Scripting vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page. | 6.1 |
| 2023-02-09 | CVE-2023-21435 | Information Exposure Through Log Files vulnerability in Samsung Android 11.0/12.0 Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log. | 5.5 |
| 2023-02-09 | CVE-2023-21436 | Unspecified vulnerability in Samsung Android 10.0/11.0 Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. | 3.3 |
| 2023-02-09 | CVE-2023-21437 | Improper Authentication vulnerability in Samsung Android 10.0/11.0 Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast. | 5.5 |
| 2023-02-09 | CVE-2023-21438 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Android 11.0/12.0 Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder. | 2.4 |
| 2023-02-09 | CVE-2023-21439 | Improper Input Validation vulnerability in Samsung Android 12.0/13.0 Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain activities. | 7.8 |