CVSS: 7.8EPSS: 0%CPEs: 66EXPL: 0CVE-2023-30686
https://notcve.org/view.php?id=CVE-2023-30686
10 Aug 2023 — Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. Escritura fuera de límites en ReqDataRaw de libsec-ri anterior a SMR Aug-2023 Release 1 que permite a un atacante local ejecutar código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 66EXPL: 0CVE-2023-30685
https://notcve.org/view.php?id=CVE-2023-30685
10 Aug 2023 — Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mode. La vulnerabilidad de control de acceso inadecuado en Telecom anterior a SMR Aug-2023 Release 1 permite a los atacantes locales cambiar el modo TTY. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2023-30684
https://notcve.org/view.php?id=CVE-2023-30684
10 Aug 2023 — Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingCall API without permission. Control de acceso inadecuado en Samsung Telecom antes de SMR Aug-2023 Release 1 que permite a los atacantes locales llamar a la API acceptRingingCall sin permiso. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2023-30683
https://notcve.org/view.php?id=CVE-2023-30683
10 Aug 2023 — Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call endCall API without permission. Control de acceso inadecuado en Telecom antes de SMR Aug-2023 Release 1 que permite a los atacantes locales llamar a la API "endcall" sin permiso. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2023-30682
https://notcve.org/view.php?id=CVE-2023-30682
10 Aug 2023 — Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API without permission. Control de acceso inadecuado en Telecom en versiones anteriores a SMR Aug-2023 Release 1 que permite a los atacantes locales llamar a la API "silenceRinger" sin permiso. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 •
CVSS: 7.8EPSS: 0%CPEs: 66EXPL: 0CVE-2023-30681
https://notcve.org/view.php?id=CVE-2023-30681
10 Aug 2023 — An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. Vulnerabilidad de validación de entrada inadecuada en la función de inicialización de HAL VaultKeeper anterior a SMR Aug-2023 Release 1 permite a un atacante provocar una escritura fuera de los límites. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 33EXPL: 0CVE-2023-30680
https://notcve.org/view.php?id=CVE-2023-30680
10 Aug 2023 — Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows code execution with privilege. Vulnerabilidad de gestión de privilegios inadecuada en MMIGroup anterior a SMR Aug-2023 Release 1 que permite la ejecución de código con privilegio. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 66EXPL: 0CVE-2023-30679
https://notcve.org/view.php?id=CVE-2023-30679
10 Aug 2023 — Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code. Control de acceso inadecuado en HDCP trustlet anterior a SMR Aug-2023 Release 1 que permite a los atacantes locales ejecutar código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 •
CVSS: 6.7EPSS: 0%CPEs: 66EXPL: 0CVE-2023-30654
https://notcve.org/view.php?id=CVE-2023-30654
10 Aug 2023 — Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=08 •
CVSS: 4.4EPSS: 0%CPEs: 26EXPL: 0CVE-2023-20818
https://notcve.org/view.php?id=CVE-2023-20818
07 Aug 2023 — In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460540; Issue ID: ALPS07460540. • https://corp.mediatek.com/product-security-bulletin/August-2023 • CWE-125: Out-of-bounds Read •