Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.
Max CVSS
2.4
EPSS Score
0.04%
Published
2022-09-09
Updated
2023-06-27
Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut.
Max CVSS
2.4
EPSS Score
0.05%
Published
2022-08-05
Updated
2023-07-21
Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.
Max CVSS
2.3
EPSS Score
0.04%
Published
2022-07-12
Updated
2022-07-16
Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.
Max CVSS
2.3
EPSS Score
0.04%
Published
2022-07-12
Updated
2022-07-16
Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.
Max CVSS
2.3
EPSS Score
0.04%
Published
2022-07-12
Updated
2022-07-15
Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.
Max CVSS
2.3
EPSS Score
0.04%
Published
2022-07-12
Updated
2022-07-16
In multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238178261
Max CVSS
2.3
EPSS Score
0.04%
Published
2022-12-16
Updated
2022-12-19
In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231583603
Max CVSS
2.4
EPSS Score
0.04%
Published
2022-12-16
Updated
2022-12-20
In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185126813
Max CVSS
2.8
EPSS Score
0.04%
Published
2022-08-12
Updated
2022-08-18
In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-219835125
Max CVSS
2.3
EPSS Score
0.04%
Published
2022-08-12
Updated
2022-08-13
In WindowManager, there is a possible method to create a recording of the lock screen due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-215005011
Max CVSS
2.4
EPSS Score
0.04%
Published
2022-08-11
Updated
2022-08-13
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-231496105
Max CVSS
2.3
EPSS Score
0.04%
Published
2022-12-13
Updated
2022-12-15
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.
Max CVSS
2.4
EPSS Score
0.05%
Published
2021-12-08
Updated
2021-12-10
Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.
Max CVSS
2.4
EPSS Score
0.05%
Published
2021-06-11
Updated
2022-07-30
Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition.
Max CVSS
2.5
EPSS Score
0.04%
Published
2021-03-04
Updated
2021-03-11
In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-181588752
Max CVSS
2.7
EPSS Score
0.04%
Published
2021-12-15
Updated
2021-12-17
An issue was discovered on Samsung mobile devices with Q(10.0) software. Information about application preview (in the Secure Folder) leaks on a locked device. The Samsung ID is SVE-2019-16463 (April 2020).
Max CVSS
2.4
EPSS Score
0.05%
Published
2020-04-08
Updated
2021-07-21
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Google Assistant leaks clipboard contents on a locked device. The Samsung ID is SVE-2019-16558 (April 2020).
Max CVSS
2.4
EPSS Score
0.05%
Published
2020-04-08
Updated
2021-07-21
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Attackers can view notifications by entering many PINs in Lockdown mode. The Samsung ID is SVE-2019-16590 (March 2020).
Max CVSS
2.4
EPSS Score
0.05%
Published
2020-03-24
Updated
2021-07-21
In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead to local information disclosure of bug report data with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-152944488
Max CVSS
2.3
EPSS Score
0.04%
Published
2020-09-17
Updated
2021-07-21
In the WifiConfigManager, there is a possible storage of location history which can only be deleted by triggering a factory reset. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140065828
Max CVSS
2.3
EPSS Score
0.04%
Published
2020-03-10
Updated
2020-03-11
An issue was discovered on Samsung mobile devices with O(8.x) software. Bixby leaks the keyboard's learned words, and the clipboard contents, via the lock screen. The Samsung IDs are SVE-2018-12896, SVE-2018-12897 (May 2019).
Max CVSS
2.4
EPSS Score
0.05%
Published
2020-03-24
Updated
2021-07-21
An issue was discovered on Samsung mobile devices with P(9.0) software. Quick Panel allows enabling or disabling the Bluetooth stack without authentication. The Samsung ID is SVE-2019-14545 (July 2019).
Max CVSS
2.4
EPSS Score
0.05%
Published
2020-03-24
Updated
2020-08-24
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Gallery allows attackers to enable Location information sharing from the lock screen. The Samsung ID is SVE-2019-14462 (August 2019).
Max CVSS
2.4
EPSS Score
0.05%
Published
2020-03-24
Updated
2021-07-21
An issue was discovered on Samsung mobile devices with P(9.0) software. Gallery allows viewing of photos on the lock screen. The Samsung ID is SVE-2019-15055 (October 2019).
Max CVSS
2.4
EPSS Score
0.05%
Published
2020-03-24
Updated
2021-07-21
42 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!