Vulnerabilities > Samsung > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-07 | CVE-2023-31115 | Incorrect Resource Transfer Between Spheres vulnerability in Samsung Exynos 5123 Firmware and Exynos 5300 Firmware An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. | 7.5 |
| 2023-05-26 | CVE-2023-21514 | Improper Input Validation vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | 8.8 |
| 2023-05-26 | CVE-2023-21515 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | 8.8 |
| 2023-05-09 | CVE-2023-29092 | Improper Handling of Exceptional Conditions vulnerability in Samsung products An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. | 7.8 |
| 2023-05-04 | CVE-2023-21484 | Improper Authentication vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation. | 7.8 |
| 2023-05-04 | CVE-2023-21488 | Unspecified vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips. | 7.8 |
| 2023-05-04 | CVE-2023-21490 | Unspecified vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager. | 7.1 |
| 2023-05-04 | CVE-2023-21491 | Unspecified vulnerability in Samsung Android 12.0/13.0 Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege. | 7.8 |
| 2023-05-04 | CVE-2023-21497 | Use of Externally-Controlled Format String vulnerability in Samsung Android 13.0 Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address. | 7.8 |
| 2023-05-04 | CVE-2023-21498 | Improper Input Validation vulnerability in Samsung Android 13.0 Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory. | 7.8 |