CVSS: 4.0EPSS: 0%CPEs: 128EXPL: 0CVE-2023-21429
https://notcve.org/view.php?id=CVE-2023-21429
Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-285: Improper Authorization •
CVSS: 5.5EPSS: 0%CPEs: 50EXPL: 0CVE-2023-21426
https://notcve.org/view.php?id=CVE-2023-21426
Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 128EXPL: 0CVE-2023-21430
https://notcve.org/view.php?id=CVE-2023-21430
An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 128EXPL: 0CVE-2023-21436
https://notcve.org/view.php?id=CVE-2023-21436
Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=02 • CWE-285: Improper Authorization •
CVSS: 5.5EPSS: 0%CPEs: 128EXPL: 0CVE-2023-21437
https://notcve.org/view.php?id=CVE-2023-21437
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=02 • CWE-287: Improper Authentication •