Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2021
CVE-2021-25376
An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed.
CVSS Score
3.1
EPSS Score
0.002
Published
2021-04-09
CVE-2021-25377
Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action.
CVSS Score
3.3
EPSS Score
0.0
Published
2021-04-09
CVE-2021-25378
Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service.
CVSS Score
4.3
EPSS Score
0.004
Published
2021-04-09
CVE-2021-25379
Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-04-09
CVE-2021-25380
Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user.
CVSS Score
5.8
EPSS Score
0.003
Published
2021-04-09
CVE-2021-25381
Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-04-09
CVE-2021-25356
An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application.
CVSS Score
7.1
EPSS Score
0.0
Published
2021-04-09
CVE-2021-25357
A pendingIntent hijacking vulnerability in Create Movie prior to SMR APR-2021 Release 1 in Android O(8.x) and P(9.0), 3.4.81.1 in Android Q(10,0), and 3.6.80.7 in Android R(11.0) allows unprivileged applications to access contact information.
CVSS Score
5.6
EPSS Score
0.0
Published
2021-04-09
CVE-2021-25358
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1 allows local attackers to access IMSI values without any permission via untrusted applications.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-04-09
CVE-2021-25359
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-04-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved