Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2021
CVE-2021-25509
A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-11-05
CVE-2021-25504
Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-11-05
CVE-2021-25505
Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-11-05
CVE-2021-25506
Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-11-05
CVE-2021-25507
Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization.
CVSS Score
5.7
EPSS Score
0.001
Published
2021-11-05
CVE-2021-25508
Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.
CVSS Score
5.3
EPSS Score
0.003
Published
2021-11-05
CVE-2021-25501
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers.
CVSS Score
5.7
EPSS Score
0.0
Published
2021-11-05
CVE-2021-25502
A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge.
CVSS Score
7.9
EPSS Score
0.0
Published
2021-11-05
CVE-2021-25503
Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution.
CVSS Score
5.0
EPSS Score
0.0
Published
2021-11-05
CVE-2021-25500
A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise.
CVSS Score
7.2
EPSS Score
0.0
Published
2021-11-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved