Page 66 of 1971 results (0.022 seconds)

CVSS: 5.5EPSS: 0%CPEs: 50EXPL: 0

Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows attackers to access cardemulation PIN. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-798: Use of Hard-coded Credentials •

CVSS: 5.5EPSS: 0%CPEs: 128EXPL: 0

Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=02 • CWE-287: Improper Authentication •

CVSS: 3.3EPSS: 0%CPEs: 128EXPL: 0

Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=02 • CWE-285: Improper Authorization •

CVSS: 4.0EPSS: 0%CPEs: 128EXPL: 0

Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-285: Improper Authorization •

CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0

In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. • https://www.unisoc.com/en_us/secy/announcementDetail/1621031430231134210 • CWE-787: Out-of-bounds Write •