Vulnerabilities > Samsung > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-10 CVE-2023-30701 Unspecified vulnerability in Samsung Android 11.0/12.0
PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access.
local
low complexity
samsung
5.5
2023-08-10 CVE-2023-30703 Unspecified vulnerability in Samsung Members
Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information.
network
low complexity
samsung
4.3
2023-08-10 CVE-2023-30704 Unspecified vulnerability in Samsung Internet
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.
low complexity
samsung
4.6
2023-08-10 CVE-2023-30705 Incorrect Authorization vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.
local
low complexity
samsung CWE-863
5.5
2023-08-08 CVE-2023-36482 Classic Buffer Overflow vulnerability in Samsung products
An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82.
low complexity
samsung CWE-120
4.3
2023-07-20 CVE-2023-38523 Missing Authentication for Critical Function vulnerability in Samsung products
The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed.
network
low complexity
samsung CWE-306
5.3
2023-07-06 CVE-2023-30641 Unspecified vulnerability in Samsung Android 13.0
Improper access control vulnerability in Settings prior to SMR Jul-2023 Release 1 allows physical attacker to use restricted user profile to access device owner's google account data.
low complexity
samsung
4.3
2023-07-06 CVE-2023-30642 Improper Privilege Management vulnerability in Samsung Android 12.0/13.0
Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call privilege function.
local
low complexity
samsung CWE-269
5.5
2023-07-06 CVE-2023-30648 Out-of-bounds Write vulnerability in Samsung Android 11.0/12.0/13.0
Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system.
local
low complexity
samsung CWE-787
5.5
2023-07-06 CVE-2023-30660 Unspecified vulnerability in Samsung Android 12.0/13.0
Exposure of Sensitive Information vulnerability in getDefaultChipId in UwbAospAdapterService prior to SMR Jul-2023 Release 1 allows local attackers to access the UWB chipset Identifier.
local
low complexity
samsung
5.5