CVE-2021-39703
- EPSS 0.12%
- Veröffentlicht 16.03.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 06:20:02
In updateState of UsbDeviceManager.java, there is a possible unauthorized access of files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for ex...
CVE-2021-39704
- EPSS 0.19%
- Veröffentlicht 16.03.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 06:20:03
In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to run foreground service without user notification due to a permissions bypass. This could lead to local escalation of privilege with no additional executi...
CVE-2021-0957
- EPSS 0.13%
- Veröffentlicht 16.03.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 05:43:18
In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way to bypass Factory Reset Protections. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is ...
CVE-2022-25821
- EPSS 0.11%
- Veröffentlicht 10.03.2022 17:47:21
- Zuletzt bearbeitet 21.11.2024 06:53:03
Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read.
CVE-2022-25822
- EPSS 0.09%
- Veröffentlicht 10.03.2022 17:47:21
- Zuletzt bearbeitet 21.11.2024 06:53:03
An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash.
CVE-2022-25819
- EPSS 0.11%
- Veröffentlicht 10.03.2022 17:47:20
- Zuletzt bearbeitet 21.11.2024 06:53:03
OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory.
CVE-2022-25820
- EPSS 0.1%
- Veröffentlicht 10.03.2022 17:47:20
- Zuletzt bearbeitet 21.11.2024 06:53:03
A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password.
CVE-2022-25818
- EPSS 0.42%
- Veröffentlicht 10.03.2022 17:47:19
- Zuletzt bearbeitet 21.11.2024 06:53:03
Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution.
CVE-2022-25816
- EPSS 0.11%
- Veröffentlicht 10.03.2022 17:47:18
- Zuletzt bearbeitet 21.11.2024 06:53:03
Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1 allows attacker to change enable/disable without authentication
CVE-2022-25817
- EPSS 0.1%
- Veröffentlicht 10.03.2022 17:47:18
- Zuletzt bearbeitet 21.11.2024 06:53:03
Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to generate pinned-shortcut without user consent.