Vulnerabilities > Samsung > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-05 | CVE-2023-42581 | Unspecified vulnerability in Samsung Galaxy Store Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data. | 7.5 |
2023-11-08 | CVE-2023-41111 | Out-of-bounds Write vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). | 7.5 |
2023-11-08 | CVE-2023-41112 | Classic Buffer Overflow vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). | 7.5 |
2023-11-07 | CVE-2023-30739 | Unspecified vulnerability in Samsung Android 11.0/12.0 Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | 7.8 |
2023-11-07 | CVE-2023-42528 | Out-of-bounds Write vulnerability in Samsung Android 11.0/12.0 Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | 7.8 |
2023-11-07 | CVE-2023-42529 | Out-of-bounds Write vulnerability in Samsung Android 11.0/12.0/13.0 Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code. | 7.8 |
2023-11-07 | CVE-2023-42530 | Unspecified vulnerability in Samsung Android 11.0/12.0 Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction. | 7.5 |
2023-11-07 | CVE-2023-42531 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background. | 7.1 |
2023-11-07 | CVE-2023-42532 | Improper Certificate Validation vulnerability in Samsung Android 11.0/12.0 Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information. | 7.5 |
2023-11-07 | CVE-2023-42535 | Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0 Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | 7.8 |