| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to access device information. |
| Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data. |
| Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name. |
| Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. |
| Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction. |
| A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. |
| Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code. |
| A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege. |
| Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions. |
| Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow. |
| Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read. |
| OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory. |
| Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard. |
| Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture in screenlock status. |
| A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent. |
| Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely. |
| An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. |
| An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. |
| An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. |
| Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. |
