CVSS: 5.3EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21486
https://notcve.org/view.php?id=CVE-2023-21486
04 May 2023 — Improper export of android application components vulnerability in ImagePreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-926: Improper Export of Android Application Components •
CVSS: 5.1EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21487
https://notcve.org/view.php?id=CVE-2023-21487
04 May 2023 — Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1 allows local attackers to change a call setting. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21488
https://notcve.org/view.php?id=CVE-2023-21488
04 May 2023 — Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •
CVSS: 7.2EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21489
https://notcve.org/view.php?id=CVE-2023-21489
04 May 2023 — Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21490
https://notcve.org/view.php?id=CVE-2023-21490
04 May 2023 — Improper access control in GearManagerStub prior to SMR May-2023 Release 1 allows a local attacker to delete applications installed by watchmanager. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •
CVSS: 8.5EPSS: 0%CPEs: 24EXPL: 0CVE-2023-21491
https://notcve.org/view.php?id=CVE-2023-21491
04 May 2023 — Improper access control vulnerability in ThemeManager prior to SMR May-2023 Release 1 allows local attackers to write arbitrary files with system privilege. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 50EXPL: 0CVE-2023-21493
https://notcve.org/view.php?id=CVE-2023-21493
04 May 2023 — Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2023-21494
https://notcve.org/view.php?id=CVE-2023-21494
04 May 2023 — Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21495
https://notcve.org/view.php?id=CVE-2023-21495
04 May 2023 — Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •
CVSS: 6.1EPSS: 0%CPEs: 50EXPL: 0CVE-2023-21496
https://notcve.org/view.php?id=CVE-2023-21496
04 May 2023 — Active Debug Code vulnerability in ActivityManagerService prior to SMR May-2023 Release 1 allows attacker to use debug function via setting debug level. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-489: Active Debug Code •