Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-05 | CVE-2023-42575 | Incorrect Authorization vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid flag setting. | 6.8 |
| 2023-12-05 | CVE-2023-42576 | Improper Authentication vulnerability in Samsung Pass 4.0.05.1/4.2.03.1 Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication due to invalid exception handler. | 6.8 |
| 2023-12-05 | CVE-2023-42577 | Unspecified vulnerability in Samsung Voice Recorder Improper Access Control in Samsung Voice Recorder prior to versions 21.4.15.01 in Android 12 and Android 13, 21.4.50.17 in Android 14 allows physical attackers to access Voice Recorder information on the lock screen. low complexity samsung | 2.4 |
| 2023-12-05 | CVE-2023-42578 | Improper Handling of Exceptional Conditions vulnerability in Samsung Cloud 4.7.0.3/5.1.0.8 Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5.2.00.7 allows remote attackers to access location information without permission. | 7.5 |
| 2023-12-05 | CVE-2023-42579 | Cleartext Transmission of Sensitive Information vulnerability in Samsung Keyboard Improper usage of insecure protocol (i.e. | 5.3 |
| 2023-12-05 | CVE-2023-42580 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store. | 9.8 |
| 2023-12-05 | CVE-2023-42581 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data. | 7.5 |
| 2023-11-08 | CVE-2023-41111 | Out-of-bounds Write vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). | 7.5 |
| 2023-11-08 | CVE-2023-41112 | Classic Buffer Overflow vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). | 7.5 |
| 2023-11-08 | CVE-2023-41270 | Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Ue40D7000 Firmware Tgapdeuc1033.2 Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools. | 4.3 |