An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. RKP allows arbitrary code execution. The Samsung ID is SVE-2020-17435 (August 2020).
An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. H-Arx allows attackers to execute arbitrary code or cause a denial of service (memory corruption) because indexes are mishandled. The Samsung ID is SVE-2020-17426 (August 2020).
Improper privilege management vulnerability in Samsung Video Player prior to version 7.3.15.30 allows attackers to execute video files without permission.
Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station.
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos8890 chipsets) software. There are multiple Buffer Overflows in TSP sysfs cmd_store. The Samsung ID is SVE-2016-7500 (January 2017).
An issue was discovered on Samsung Galaxy S5 mobile devices with software through 2016-12-20 (Qualcomm AP chipsets). There are multiple buffer overflows in the bootloader. The Samsung ID is SVE-2016-7930 (March 2017).
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January 2017).
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017).
Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2.
An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos980 9630 and Exynos990 9830 chipsets) software. The Bootloader has a heap-based buffer overflow because of the mishandling of specific commands. The Samsung IDs are SVE-2020-16981, SVE-2020-16991 (May 2020).
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos 7570 chipsets) software. The Trustonic Kinibi component allows arbitrary memory mapping. The Samsung ID is SVE-2019-16665 (June 2020).
Potential buffer overflow vulnerability in mm_LteInterRatManagement.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
Potential buffer overflow vulnerability in mm_Plmncoordination.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access.
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos 9810 chipsets) software. Arbitrary memory mapping exists in TEE. The Samsung ID is SVE-2019-16665 (February 2020).
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos7885, Exynos8895, and Exynos9810 chipsets) software. The Gatekeeper trustlet allows a brute-force attack on the screen lock password. The Samsung ID is SVE-2019-14575 (January 2020).
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to 1.4.20.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the GameServiceReceiver update mechanism. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7477.
Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege.
Out-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remote attackers.
Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature.
Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code.
Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.
Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission.
Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission.
Improper handling of insufficient permissions in Samsung Assistant prior to version 9.1.00.7 allows remote attackers to access location data. User interaction is required for triggering this vulnerability.
Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive data.
Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.
Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows local attackers to access data.
Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission.
Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data.
Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings.
PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent.
Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission.
Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to enable bedtime mode without a proper permission.
Unprotected component vulnerability in StBedtimeModeAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permission.
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition.
Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 allows unauthenticated attackers to set the DMZ service of the device via a crafted POST request.
eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php.
An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.
Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote code execution (RCE) vulnerability in profile.php through the "image" parameter that can execute a webshell payload.
Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the PassageAutoServer.php page.
An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. After a restart of a server, an attacker might suddenly gain API Endpoint access.
Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation.
A vulnerability has been found in trampgeek jobe up to 1.6.4 and classified as problematic. This vulnerability affects the function runs_post of the file application/controllers/Restapi.php. The manipulation of the argument sourcefilename leads to an unknown weakness. Upgrading to version 1.6.5 is able to address this issue. The patch is identified as 694da5013dbecc8d30dd83e2a83e78faadf93771. It is recommended to upgrade the affected component. VDB-217174 is the identifier assigned to this vulnerability.
An issue was discovered in MSA FieldServer Gateway 5.0.0 through 6.5.2 (Fixed in 7.0.0). The FieldServer Gateway has an internally used shared administrative user account on all devices. The authentication for this user is implemented through an unsafe shared secret that is static in all affected firmware versions.