Improper input validation vulnerability in parser_infe and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attackers.

Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.

Heap-based buffer overflow vulnerability in sheifd_get_info_image function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.

Heap-based buffer overflow vulnerability in parser_single_iref function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.

Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.

Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.

Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers.

Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds read by remote attackers.

Heap-based buffer overflow vulnerability in sheifd_create function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.

Null pointer dereference vulnerability in parser_unknown_property function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.

Null pointer dereference vulnerability in parser_ispe function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.

Null pointer dereference vulnerability in parser_colr function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.

Null pointer dereference vulnerability in parser_auxC function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.

Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.

Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows arbitrary code execution.

Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard.

Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows that attackers can access contact information without permission.

Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission.

Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions.

In A-GPS, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06461919; Issue ID: ALPS06461919.