Vulnerabilities > Samsung > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-26 | CVE-2023-21514 | Improper Input Validation vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | 8.8 |
| 2023-05-26 | CVE-2023-21515 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | 8.8 |
| 2023-05-09 | CVE-2023-29092 | Improper Handling of Exceptional Conditions vulnerability in Samsung products An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. | 7.8 |
| 2023-05-04 | CVE-2023-21484 | Improper Authentication vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local attackers without proper permission to execute a privileged operation. | 7.8 |
| 2023-05-04 | CVE-2023-21488 | Unspecified vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips. | 7.8 |
| 2023-05-04 | CVE-2023-21490 | Unspecified vulnerability in Samsung Android 11.0/12.0/13.0 Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager. | 7.1 |
| 2023-05-04 | CVE-2023-21491 | Unspecified vulnerability in Samsung Android 12.0/13.0 Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege. | 7.8 |
| 2023-05-04 | CVE-2023-21497 | Use of Externally-Controlled Format String vulnerability in Samsung Android 13.0 Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the memory address. | 7.8 |
| 2023-05-04 | CVE-2023-21498 | Improper Input Validation vulnerability in Samsung Android 13.0 Improper input validation vulnerability in setPartnerTAInfo in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to overwrite the trustlet memory. | 7.8 |
| 2023-05-04 | CVE-2023-21499 | Out-of-bounds Write vulnerability in Samsung Android 13.0 Out-of-bounds write vulnerability in TA_Communication_mpos_encrypt_pin in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. | 7.8 |