Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-08 | CVE-2023-41270 | Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Ue40D7000 Firmware Tgapdeuc1033.2 Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools. | 4.3 |
| 2023-11-07 | CVE-2023-42527 | Improper Input Validation vulnerability in Samsung Android 11.0/12.0 Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information. | 5.5 |
| 2023-11-07 | CVE-2023-42533 | Unspecified vulnerability in Samsung Android 12.0/13.0 Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in Kernel. low complexity samsung | 6.8 |
| 2023-11-07 | CVE-2023-42534 | Files or Directories Accessible to External Parties vulnerability in Samsung Android 12.0/13.0 Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows local attackers to read arbitrary files with system privilege. | 5.5 |
| 2023-11-07 | CVE-2023-42539 | Unspecified vulnerability in Samsung Health PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to version 6.25 allows local attackers to access data. | 5.5 |
| 2023-11-07 | CVE-2023-42540 | Unspecified vulnerability in Samsung Account Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent. | 5.5 |
| 2023-11-07 | CVE-2023-42541 | Incorrect Authorization vulnerability in Samsung Push Service Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id. | 5.3 |
| 2023-11-07 | CVE-2023-42544 | Unspecified vulnerability in Samsung Quick Share 13.1.2.4/3.5.14.18/3.5.16.20 Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to access local files. | 5.5 |
| 2023-11-07 | CVE-2023-42546 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Account Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | 6.5 |
| 2023-11-07 | CVE-2023-42547 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Account Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege. | 6.5 |