Samsung: Security Vulnerabilities
A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address.
CVSS Score
4.4
EPSS Score
0.0
Published
2021-10-06
A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.
CVSS Score
6.0
EPSS Score
0.0
Published
2021-10-06
An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE.
CVSS Score
7.9
EPSS Score
0.001
Published
2021-10-06
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion.
CVSS Score
3.7
EPSS Score
0.001
Published
2021-10-06
A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
CVSS Score
3.9
EPSS Score
0.0
Published
2021-10-06
Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview.
CVSS Score
4.0
EPSS Score
0.001
Published
2021-09-09
An improper file management vulnerability in SamsungCapture prior to version 4.8.02 allows sensitive information leak.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-09-09
An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack.
CVSS Score
3.3
EPSS Score
0.0
Published
2021-09-09
Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-09-09
An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information.
CVSS Score
5.9
EPSS Score
0.0
Published
2021-09-09