Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent.
samsung
CVE-2023-21448
Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png file.
CVE-2023-21450
Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi-users to access owner's widget without authorization via gesture setting.
CVE-2023-21451
A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions.
CVE-2018-3876
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core’s HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arbitrarily long “bucket” value in order to exploit this vulnerability.