Vulnerabilities > Samsung > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-05 CVE-2023-42581 Unspecified vulnerability in Samsung Galaxy Store
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.
network
low complexity
samsung
7.5
2023-11-08 CVE-2023-41111 Out-of-bounds Write vulnerability in Samsung products
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123).
network
low complexity
samsung CWE-787
7.5
2023-11-08 CVE-2023-41112 Classic Buffer Overflow vulnerability in Samsung products
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123).
network
low complexity
samsung CWE-120
7.5
2023-11-07 CVE-2023-30739 Unspecified vulnerability in Samsung Android 11.0/12.0
Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
local
low complexity
samsung
7.8
2023-11-07 CVE-2023-42528 Out-of-bounds Write vulnerability in Samsung Android 11.0/12.0
Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
local
low complexity
samsung CWE-787
7.8
2023-11-07 CVE-2023-42529 Out-of-bounds Write vulnerability in Samsung Android 11.0/12.0/13.0
Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code.
local
low complexity
samsung CWE-787
7.8
2023-11-07 CVE-2023-42530 Unspecified vulnerability in Samsung Android 11.0/12.0
Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction.
network
low complexity
samsung
7.5
2023-11-07 CVE-2023-42531 Improper Authentication vulnerability in Samsung Android 11.0/12.0
Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background.
local
low complexity
samsung CWE-287
7.1
2023-11-07 CVE-2023-42532 Improper Certificate Validation vulnerability in Samsung Android 11.0/12.0
Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information.
network
low complexity
samsung CWE-295
7.5
2023-11-07 CVE-2023-42535 Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0
Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
local
low complexity
samsung CWE-787
7.8