Samsung Android 11.0 SMR-JAN-2023-R1

CPE Details

Samsung Android 11.0 SMR-JAN-2023-R1
11.0
2023-02-17
14h39 +00:00
2023-02-17
17h57 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*

Informations

Vendor

samsung

Product

android

Version

11.0

Update

smr-jan-2023-r1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-20862 2024-05-07 04h28 +00:00 Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.
6.7
Medium
CVE-2024-20833 2024-03-05 08h08 +00:00 Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption.
6.4
Medium
CVE-2024-20836 2024-03-05 04h44 +00:00 Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory.
5.5
Medium
CVE-2024-20835 2024-03-05 04h44 +00:00 Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors.
7.8
High
CVE-2024-20834 2024-03-05 04h44 +00:00 The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.
3.3
Low
CVE-2024-20832 2024-03-05 04h44 +00:00 Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code.
6.7
Medium
CVE-2024-20831 2024-03-05 04h44 +00:00 Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code.
6.7
Medium
CVE-2024-20830 2024-03-05 04h44 +00:00 Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings.
5.3
Medium
CVE-2024-20820 2024-02-06 02h23 +00:00 Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read.
7.1
High
CVE-2024-20819 2024-02-06 02h23 +00:00 Out-of-bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.
7.8
High
CVE-2024-20818 2024-02-06 02h23 +00:00 Out-of-bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.
7.8
High
CVE-2024-20817 2024-02-06 02h23 +00:00 Out-of-bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.
7.8
High
CVE-2024-20816 2024-02-06 02h23 +00:00 Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.
8
High
CVE-2024-20815 2024-02-06 02h23 +00:00 Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.
8
High
CVE-2024-20814 2024-02-06 02h23 +00:00 Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information.
5.5
Medium
CVE-2024-20813 2024-02-06 02h23 +00:00 Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.
8.4
High
CVE-2024-20812 2024-02-06 02h23 +00:00 Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.
8.4
High
CVE-2024-20811 2024-02-06 02h23 +00:00 Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer.
5.1
Medium
CVE-2024-20806 2024-01-04 01h10 +00:00 Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data.
6.2
Medium
CVE-2024-20805 2024-01-04 01h10 +00:00 Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.
5.5
Medium
CVE-2024-20804 2024-01-04 01h10 +00:00 Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.
5.5
Medium
CVE-2024-20803 2024-01-04 01h10 +00:00 Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.
6.8
Medium
CVE-2023-42570 2023-12-05 02h44 +00:00 Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN.
5.9
Medium
CVE-2023-42569 2023-12-05 02h44 +00:00 Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji.
4
Medium
CVE-2023-42566 2023-12-05 02h44 +00:00 Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code.
7.8
High
CVE-2023-42561 2023-12-05 02h44 +00:00 Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code.
7.1
High
CVE-2023-42560 2023-12-05 02h44 +00:00 Heap out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so prior to SMR Dec-2023 Release 1 allows an attacker to execute arbitrary code.
7.8
High
CVE-2023-42559 2023-12-05 02h44 +00:00 Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time.
5.2
Medium
CVE-2023-42556 2023-12-05 02h44 +00:00 Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information.
5.5
Medium
CVE-2023-42538 2023-11-07 07h49 +00:00 An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
7.8
High
CVE-2023-42537 2023-11-07 07h49 +00:00 An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
8.4
High
CVE-2023-42536 2023-11-07 07h49 +00:00 An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
8.4
High
CVE-2023-42532 2023-11-07 07h49 +00:00 Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information.
7.5
High
CVE-2023-42531 2023-11-07 07h49 +00:00 Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background.
7.1
High
CVE-2023-42530 2023-11-07 07h49 +00:00 Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction.
7.5
High
CVE-2023-42529 2023-11-07 07h49 +00:00 Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code.
7.8
High
CVE-2023-42528 2023-11-07 07h49 +00:00 Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-42527 2023-11-07 07h49 +00:00 Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information.
5.6
Medium
CVE-2023-30739 2023-11-07 07h45 +00:00 Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-30727 2023-10-04 03h02 +00:00 Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction.
7.5
High
CVE-2023-30692 2023-10-04 03h02 +00:00 Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.
8.5
High
CVE-2023-30690 2023-10-04 03h01 +00:00 Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.
8.5
High
CVE-2023-30721 2023-09-06 03h12 +00:00 Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log.
4.4
Medium
CVE-2023-30720 2023-09-06 03h12 +00:00 PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access.
5.5
Medium
CVE-2023-30719 2023-09-06 03h12 +00:00 Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data.
4
Medium
CVE-2023-30718 2023-09-06 03h12 +00:00 Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting.
4
Medium
CVE-2023-30717 2023-09-06 03h12 +00:00 Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers.
4
Medium
CVE-2023-30716 2023-09-06 03h12 +00:00 Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands.
5.5
Medium
CVE-2023-30715 2023-09-06 03h12 +00:00 Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.
4
Medium
CVE-2023-30714 2023-09-06 03h12 +00:00 Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock.
4.6
Medium
CVE-2023-30713 2023-09-06 03h11 +00:00 Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock.
6.2
Medium
CVE-2023-30712 2023-09-06 03h11 +00:00 Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity.
7.8
High
CVE-2023-30711 2023-09-06 03h11 +00:00 Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider.
4
Medium
CVE-2023-30710 2023-09-06 03h11 +00:00 Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities.
8.5
High
CVE-2023-30709 2023-09-06 03h11 +00:00 Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege.
7.9
High
CVE-2023-30708 2023-09-06 03h11 +00:00 Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status.
7.5
High
CVE-2023-30707 2023-09-06 03h11 +00:00 Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege.
7.1
High
CVE-2023-30706 2023-09-06 03h11 +00:00 Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege.
7.5
High
CVE-2023-30701 2023-08-10 01h18 +00:00 PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access.
5.5
Medium
CVE-2023-30700 2023-08-10 01h18 +00:00 PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local attackers to access ContentProvider without proper permission.
5.3
Medium
CVE-2023-30699 2023-08-10 01h18 +00:00 Out-of-bounds write vulnerability in parser_hvcC function of libsimba library prior to SMR Aug-2023 Release 1 allows code execution by remote attackers.
9.8
Critical
CVE-2023-30697 2023-08-10 01h18 +00:00 An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
7.8
High
CVE-2023-30696 2023-08-10 01h18 +00:00 An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
7.8
High
CVE-2023-30694 2023-08-10 01h18 +00:00 Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-30693 2023-08-10 01h18 +00:00 Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-30691 2023-08-10 01h18 +00:00 Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation.
8.4
High
CVE-2023-30689 2023-08-10 01h18 +00:00 Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-30688 2023-08-10 01h18 +00:00 Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-30687 2023-08-10 01h18 +00:00 Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-30686 2023-08-10 01h18 +00:00 Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-30685 2023-08-10 01h18 +00:00 Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mode.
4.3
Medium
CVE-2023-30681 2023-08-10 01h18 +00:00 An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.
7.8
High
CVE-2023-30679 2023-08-10 01h18 +00:00 Improper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code.
7.8
High
CVE-2023-30654 2023-08-10 01h17 +00:00 Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.
6.7
Medium
CVE-2023-30670 2023-07-06 02h51 +00:00 Out-of-bounds Write in BuildIpcFactoryDeviceTestEvent of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-30669 2023-07-06 02h51 +00:00 Out-of-bounds Write in DoOemFactorySendFactoryTestResult of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-30668 2023-07-06 02h51 +00:00 Out-of-bounds Write in BuildOemSecureSimLockResponse of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.
7.8
High
CVE-2023-30666 2023-07-06 02h51 +00:00 Improper input validation vulnerability in DoOemImeiSetPreconfig in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.
7.8
High
CVE-2023-30665 2023-07-06 02h51 +00:00 Improper input validation vulnerability in OnOemServiceMode in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds read.
4.4
Medium
CVE-2023-30664 2023-07-06 02h51 +00:00 Improper input validation vulnerability in RegisteredMSISDN prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
8.5
High
CVE-2023-30663 2023-07-06 02h51 +00:00 Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.
7.8
High
CVE-2023-30657 2023-07-06 02h51 +00:00 Improper input validation vulnerability in EnhancedAttestationResult prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
7.8
High
CVE-2023-30656 2023-07-06 02h51 +00:00 Improper input validation vulnerability in LSOItemData prior to SMR Jul-2023 Release 1 allows attackers to launch certain activities.
8.5
High
CVE-2023-30655 2023-07-06 02h51 +00:00 Improper input validation vulnerability in SCEPProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
8.5
High
CVE-2023-30653 2023-07-06 02h50 +00:00 Out of bounds read and write in enableTspDevice of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
7.8
High
CVE-2023-30652 2023-07-06 02h50 +00:00 Out of bounds read and write in callrunTspCmdNoRead of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
7.8
High
CVE-2023-30651 2023-07-06 02h50 +00:00 Out of bounds read and write in callgetTspsysfs of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
7.8
High
CVE-2023-30650 2023-07-06 02h50 +00:00 Out of bounds read and write in callrunTspCmd of sysinput HAL service prior to SMR Jul-2023 Release 1 allows local attackers to execute arbitrary code.
7.8
High
CVE-2023-30649 2023-07-06 02h50 +00:00 Heap out of bound write vulnerability in RmtUimNeedApdu of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
7.8
High
CVE-2023-30648 2023-07-06 02h50 +00:00 Stack out-of-bounds write vulnerability in IpcRxImeiUpdateImeiNoti of RILD priro to SMR Jul-2023 Release 1 cause a denial of service on the system.
5.5
Medium
CVE-2023-30647 2023-07-06 02h50 +00:00 Heap out of bound write vulnerability in IpcRxUsimPhoneBookCapa of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
7.8
High
CVE-2023-30646 2023-07-06 02h50 +00:00 Heap out of bound write vulnerability in BroadcastSmsConfig of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
7.8
High
CVE-2023-30645 2023-07-06 02h50 +00:00 Heap out of bound write vulnerability in IpcRxIncomingCBMsg of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
7.8
High
CVE-2023-30644 2023-07-06 02h50 +00:00 Stack out of bound write vulnerability in CdmaSmsParser of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code.
7.8
High
CVE-2023-30643 2023-07-06 02h50 +00:00 Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1 allows local attackers to delete arbitrary non-preloaded applications.
7.7
High
CVE-2023-30640 2023-07-06 02h44 +00:00 Improper access control vulnerability in PersonaManagerService prior to SMR Jul-2023 Release 1 allows local attackers to change confiugration.
4.3
Medium
CVE-2023-21512 2023-06-27 22h00 +00:00 Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission.
3.3
Low
CVE-2023-21513 2023-06-27 22h00 +00:00 Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition.
6.8
Medium
CVE-2023-21492 2023-05-04 00h00 +00:00 Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.
4.4
Medium
CVE-2023-21449 2023-03-16 00h00 +00:00 Improper access control vulnerability in Call application prior to SMR Mar-2023 Release 1 allows local attackers to access sensitive information without proper permission.
5.5
Medium
CVE-2023-21459 2023-03-16 00h00 +00:00 Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault.
9.8
Critical