CVE-2021-25389
- EPSS 0.11%
- Veröffentlicht 11.06.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:54:53
Improper running task check in S Secure prior to SMR MAY-2021 Release 1 allows attackers to use locked app without authentication.
- EPSS 0.16%
- Veröffentlicht 11.06.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:54:53
Intent redirection vulnerability in PhotoTable prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.
- EPSS 0.16%
- Veröffentlicht 11.06.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:54:53
Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.
CVE-2021-25392
- EPSS 0.1%
- Veröffentlicht 11.06.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:54:54
Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1 allows local attackers to get sensitive information via changing the path.
CVE-2021-25393
- EPSS 0.14%
- Veröffentlicht 11.06.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:54:54
Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data.
CVE-2021-25382
- EPSS 0.1%
- Veröffentlicht 23.04.2021 15:15:09
- Zuletzt bearbeitet 21.11.2024 05:54:52
An improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020 Release 1 allows unauthorized access to contents in Secure Folder via debugging command.
CVE-2021-0488
- EPSS 0.12%
- Veröffentlicht 15.04.2021 13:15:11
- Zuletzt bearbeitet 21.11.2024 05:42:48
In pb_write of pb_encode.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: Andr...
CVE-2021-0435
- EPSS 1.71%
- Veröffentlicht 13.04.2021 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:42:43
In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitat...
CVE-2021-0436
- EPSS 0.12%
- Veröffentlicht 13.04.2021 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:42:43
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitat...
CVE-2021-0437
- EPSS 0.24%
- Veröffentlicht 13.04.2021 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:42:43
In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andr...