CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21508
https://notcve.org/view.php?id=CVE-2023-21508
Out-of-bounds Write vulnerability while processing BC_TUI_CMD_SEND_RESOURCE_DATA command in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to execute arbitrary code. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=05 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21485
https://notcve.org/view.php?id=CVE-2023-21485
Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-926: Improper Export of Android Application Components •
CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2023-21488
https://notcve.org/view.php?id=CVE-2023-21488
Improper access control vulnerablility in Tips prior to SMR May-2023 Release 1 allows local attackers to launch arbitrary activity in Tips. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-284: Improper Access Control •
CVSS: 6.0EPSS: 0%CPEs: 8EXPL: 0CVE-2023-21500
https://notcve.org/view.php?id=CVE-2023-21500
Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-415: Double Free •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-21494
https://notcve.org/view.php?id=CVE-2023-21494
Potential buffer overflow vulnerability in auth api in mm_Authentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05 • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •