A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address.
NVD-CWE-noinfo
CVE-2021-25471
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion.
CVE-2021-25373
Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
CVE-2021-25398
Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts.
CVE-2021-25399
Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege.
CVE-2021-25413
Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to get permissions to access arbitrary data with Samsung Contacts privilege.
