Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Samsung Mobile Samsung Mobile Devices

Version R(11), S(12)

OTHER 16 CVEs

Known Vulnerabilities

CVE-2023-21422

Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.

MEDIUM CVSS 5.7 Published Feb 09, 2023

CVE-2023-21438

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.

LOW CVSS 2.1 Published Feb 09, 2023

CVE-2022-39879

Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.

MEDIUM CVSS 5.9 Published Nov 09, 2022

CVE-2022-39880

Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022 Release 1 allows local attacker to perform an arbitrary code execution.

HIGH CVSS 7.1 Published Nov 09, 2022

CVE-2022-36868

Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth device.

MEDIUM CVSS 5.9 Published Oct 07, 2022

CVE-2022-39862

Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api.

MEDIUM CVSS 5.3 Published Oct 07, 2022

CVE-2022-36852

Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data.

LOW CVSS 1.9 Published Sep 09, 2022

CVE-2022-33731

Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components.

MEDIUM CVSS 5.1 Published Aug 05, 2022

CVE-2022-33715

Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI.

MEDIUM CVSS 5.3 Published Aug 05, 2022

CVE-2022-33717

A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory.

MEDIUM CVSS 4.4 Published Aug 05, 2022

CVE-2022-33716

An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory.

LOW CVSS 2.3 Published Aug 05, 2022

CVE-2022-33692

Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.

MEDIUM CVSS 4.0 Published Jul 11, 2022

CVE-2022-30728

Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

LOW CVSS 1.9 Published Jun 07, 2022

CVE-2022-30712

Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.

HIGH CVSS 8.5 Published Jun 07, 2022

CVE-2022-28781

Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. The patch adds proper validation logic to check the caller.

HIGH CVSS 7.7 Published May 03, 2022

CVE-2022-25814

PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.

MEDIUM CVSS 5.5 Published Mar 08, 2022