CVSS: 8.5EPSS: 0%CPEs: 41EXPL: 0CVE-2023-21439
https://notcve.org/view.php?id=CVE-2023-21439
Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain activities. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=02 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 63EXPL: 0CVE-2023-21442
https://notcve.org/view.php?id=CVE-2023-21442
Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=02 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21433
https://notcve.org/view.php?id=CVE-2023-21433
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=01 • CWE-276: Incorrect Default Permissions CWE-285: Improper Authorization •
CVSS: 6.5EPSS: 0%CPEs: 78EXPL: 0CVE-2023-21427
https://notcve.org/view.php?id=CVE-2023-21427
Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=01 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21444
https://notcve.org/view.php?id=CVE-2023-21444
Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=02 • CWE-326: Inadequate Encryption Strength •