CVSS: 7.8EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30712
https://notcve.org/view.php?id=CVE-2023-30712
06 Sep 2023 — Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity. Validación de entrada incorrecta en Settings Suggestions anterior a SMR Sep-2023 Release 1 permite a los atacantes lanzar una actividad arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 • CWE-20: Improper Input Validation •
CVSS: 4.0EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30711
https://notcve.org/view.php?id=CVE-2023-30711
06 Sep 2023 — Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider. Una vulnerabilidad de autenticación incorrecta en Phone and Messaging Storage SMR SEP-2023 Release 1 permite a un atacante insertar datos arbitrarios en el proveedor. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 8.5EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30710
https://notcve.org/view.php?id=CVE-2023-30710
06 Sep 2023 — Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities. Vulnerabilidad de validación de entrada incorrecta en Knox AI anterior a SMR Sep-2023 Release 1 permite a atacantes locales iniciar actividades privilegiadas. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 7.9EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30709
https://notcve.org/view.php?id=CVE-2023-30709
06 Sep 2023 — Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege. Una vulnerabilidad de control de acceso inadecuado en Dual Messenger anterior a SMR Sep-2023 Release 1 permite a los atacantes locales iniciar actividades con privilegios del sistema. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 7.8EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30708
https://notcve.org/view.php?id=CVE-2023-30708
06 Sep 2023 — Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status. Una autenticación inadecuada en SecSettings anterior a SMR Sep-2023 Release 1 permite al atacante a acceder al portal cautivo Wi-Fi en el estado de bloqueo de reactivación. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 • CWE-287: Improper Authentication •
CVSS: 7.1EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30707
https://notcve.org/view.php?id=CVE-2023-30707
06 Sep 2023 — Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege. Una vulnerabilidad de validación de entrada inadecuada en "FileProviderStatusReceiver" en Samsung Keyboard anterior a SMR Sep-2023 Release 1 permite a los atacantes locales eliminar archivos arbitrarios con el privilegio de Samsung Keyboard. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 7.5EPSS: 0%CPEs: 69EXPL: 0CVE-2023-30706
https://notcve.org/view.php?id=CVE-2023-30706
06 Sep 2023 — Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege. Autorización incorrecta en Samsung Keyboard anterior a SMR Sep-2023 Release 1 permite al atacante leer archivos arbitrarios con privilegios del sistema. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09 •
CVSS: 4.4EPSS: 0%CPEs: 35EXPL: 0CVE-2023-32817
https://notcve.org/view.php?id=CVE-2023-32817
04 Sep 2023 — In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044035. En el servicio gnss, existe una posible lectura fuera de límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 35EXPL: 0CVE-2023-32816
https://notcve.org/view.php?id=CVE-2023-32816
04 Sep 2023 — In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044032. En el servicio gnss, existe una posible lectura fuera de límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 41EXPL: 0CVE-2023-32815
https://notcve.org/view.php?id=CVE-2023-32815
04 Sep 2023 — In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801; Issue ID: ALPS08037801. En el servicio gnss, existe una posible lectura fuera de límites debido a una validación de entrada incorrecta. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •