Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Samsung Mobile Samsung Mobile Devices

Version S(12)

OTHER 18 CVEs

Known Vulnerabilities

CVE-2023-21419

An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition.

MEDIUM CVSS 4.3 Published Feb 09, 2023

CVE-2022-39849

Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.

UNKNOWN Published Oct 07, 2022

CVE-2022-39856

Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information.

MEDIUM CVSS 4.0 Published Oct 07, 2022

CVE-2022-36850

Path traversal vulnerability in CallBGProvider prior to SMR Sep-2022 Release 1 allows attacker to overwrite arbitrary file with phone uid.

MEDIUM CVSS 4.0 Published Sep 09, 2022

CVE-2022-36856

Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined permission.

MEDIUM CVSS 4.0 Published Sep 09, 2022

CVE-2022-36854

Out of bound read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows attacker access unauthorized information.

MEDIUM CVSS 4.0 Published Sep 09, 2022

CVE-2022-33730

Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers.

MEDIUM CVSS 6.8 Published Aug 05, 2022

CVE-2022-33721

A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege.

MEDIUM CVSS 4.4 Published Aug 05, 2022

CVE-2022-33732

Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call.

MEDIUM CVSS 6.2 Published Aug 05, 2022

CVE-2022-33696

Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log.

MEDIUM CVSS 4.0 Published Jul 11, 2022

CVE-2022-33690

Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file.

MEDIUM CVSS 4.0 Published Jul 11, 2022

CVE-2022-30726

Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to SMR Jun-2022 Release 1 allows local attackers to launch activities of SecSettingsIntelligence.

MEDIUM CVSS 6.2 Published Jun 07, 2022

CVE-2022-30729

Implicit Intent hijacking vulnerability in Settings prior to SMR Jun-2022 Release 1 allows attackers to get Wi-Fi SSID and password via a malicious QR code scanner.

LOW CVSS 3.3 Published Jun 07, 2022

CVE-2022-27836

Improper access control and path traversal vulnerability in Storage Manager and Storage Manager Service prior to SMR Apr-2022 Release 1 allow local attackers to access arbitrary system files without a proper permission. The patch adds proper validation logic to prevent arbitrary files access.

HIGH CVSS 8.4 Published Apr 11, 2022

CVE-2022-27835

Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write.

HIGH CVSS 7.6 Published Apr 11, 2022

CVE-2022-27830

Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.

HIGH CVSS 8.5 Published Apr 11, 2022

CVE-2022-27829

Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.

HIGH CVSS 8.5 Published Apr 11, 2022

CVE-2022-25818

Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution.

MEDIUM CVSS 6.5 Published Mar 08, 2022