CVSS: 7.1EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30707
https://notcve.org/view.php?id=CVE-2023-30707
Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege. Una vulnerabilidad de validación de entrada inadecuada en "FileProviderStatusReceiver" en Samsung Keyboard anterior a SMR Sep-2023 Release 1 permite a los atacantes locales eliminar archivos arbitrarios con el privilegio de Samsung Keyboard. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 7.5EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30706
https://notcve.org/view.php?id=CVE-2023-30706
Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege. Autorización incorrecta en Samsung Keyboard anterior a SMR Sep-2023 Release 1 permite al atacante leer archivos arbitrarios con privilegios del sistema. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2023-36481
https://notcve.org/view.php?id=CVE-2023-36481
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-35309
https://notcve.org/view.php?id=CVE-2021-35309
An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks. Un problema descubierto en Samsung SyncThru Web Service SPL 5.93 06-09-2014 permite a los atacantes obtener privilegios escalados a través de ataques MITM. • https://github.com/mustafa-turgut/cve-subscriptions/tree/main/samsung-stws https://security.samsungmobile.com/securityUpdate.smsb • CWE-269: Improper Privilege Management •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-22181
https://notcve.org/view.php?id=CVE-2020-22181
A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi • https://github.com/gusrmsdlrh/Vulner/blob/master/Sww-3400rw.md https://security.samsungmobile.com/securityUpdate.smsb • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •