CVSS: 8.4EPSS: 0%CPEs: 75EXPL: 0CVE-2023-42537
https://notcve.org/view.php?id=CVE-2023-42537
An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. Una validación de entrada incorrecta en get_head_crc en libsaped antes de SMR Nov-2023 Release 1 permite al atacante provocar lecturas y escrituras fuera de los límites. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 75EXPL: 0CVE-2023-42536
https://notcve.org/view.php?id=CVE-2023-42536
An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. Una validación de entrada incorrecta en saped_dec en libsaped antes de SMR Nov-2023 Release 1 permite que un atacante provoque lecturas y escrituras fuera de los límites. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 39EXPL: 0CVE-2023-42535
https://notcve.org/view.php?id=CVE-2023-42535
Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. La escritura fuera de los límites en read_block de vold antes de SMR Nov-2023 Release 1 permite a un atacante local ejecutar código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 • CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 39EXPL: 0CVE-2023-42534
https://notcve.org/view.php?id=CVE-2023-42534
Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows local attackers to read arbitrary files with system privilege. Una vulnerabilidad de validación de entrada incorrecta en ChooserActivity anterior a SMR Nov-2023 Release 1 permite a atacantes locales leer archivos arbitrarios con privilegios del sistema. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 6.8EPSS: 0%CPEs: 39EXPL: 0CVE-2023-42533
https://notcve.org/view.php?id=CVE-2023-42533
Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in Kernel. La validación de entrada incorrecta con USB Gadget Interface anterior a SMR Nov-2023 Release 1 permite a un atacante físico ejecutar código arbitrario en el Kernel. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 •