CVSS: 6.2EPSS: 0%CPEs: 29EXPL: 0CVE-2023-30642
https://notcve.org/view.php?id=CVE-2023-30642
Improper privilege management vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to call privilege function. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=07 • CWE-269: Improper Privilege Management •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-30641
https://notcve.org/view.php?id=CVE-2023-30641
Improper access control vulnerability in Settings prior to SMR Jul-2023 Release 1 allows physical attacker to use restricted user profile to access device owner's google account data. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=07 •
CVSS: 4.3EPSS: 0%CPEs: 60EXPL: 0CVE-2023-30640
https://notcve.org/view.php?id=CVE-2023-30640
Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1 allows local attackers to change confiugration. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=07 •
CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-20748
https://notcve.org/view.php?id=CVE-2023-20748
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07536951; Issue ID: ALPS07536951. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-20693
https://notcve.org/view.php?id=CVE-2023-20693
In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-190: Integer Overflow or Wraparound •