CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2023-02-21
N/A
5.5 MEDIUM
Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2023-02-21
N/A
7.8 HIGH
Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain activities.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2023-02-21
N/A
2.4 LOW
Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2023-02-21
N/A
5.5 MEDIUM
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2023-02-21
N/A
3.3 LOW
Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2023-02-21
N/A
5.5 MEDIUM
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2023-02-17
N/A
6.1 MEDIUM
Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2023-02-17
N/A
7.8 HIGH
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2023-02-21
N/A
7.8 HIGH
Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2023-02-17
N/A
3.3 LOW
Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision.