Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-43516 |
Memory corruption when malformed message payload is received from firmware. Published: February 06, 2024; 1:16:01 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-43513 |
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. Published: February 06, 2024; 1:16:01 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-33077 |
Memory corruption in HLOS while converting from authorization token to HIDL vector. Published: February 06, 2024; 1:16:00 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-33076 |
Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. Published: February 06, 2024; 1:16:00 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-33072 |
Memory corruption in Core while processing control functions. Published: February 06, 2024; 1:16:00 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-33069 |
Memory corruption in Audio while processing the calibration data returned from ACDB loader. Published: February 06, 2024; 1:16:00 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-33068 |
Memory corruption in Audio while processing IIR config data from AFE calibration block. Published: February 06, 2024; 1:16:00 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-33067 |
Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. Published: February 06, 2024; 1:16:00 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-33065 |
Information disclosure in Audio while accessing AVCS services from ADSP payload. Published: February 06, 2024; 1:15:59 AM -0500 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0:(not available) |
CVE-2023-33064 |
Transient DOS in Audio when invoking callback function of ASM driver. Published: February 06, 2024; 1:15:59 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-33060 |
Transient DOS in Core when DDR memory check is called while DDR is not initialized. Published: February 06, 2024; 1:15:59 AM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-33058 |
Information disclosure in Modem while processing SIB5. Published: February 06, 2024; 1:15:59 AM -0500 |
V4.0:(not available) V3.1: 9.1 CRITICAL V2.0:(not available) |
CVE-2023-33057 |
Transient DOS in Multi-Mode Call Processor while processing UE policy container. Published: February 06, 2024; 1:15:59 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-33049 |
Transient DOS in Multi-Mode Call Processor due to UE failure because of heap leakage. Published: February 06, 2024; 1:15:59 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-33046 |
Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation. Published: February 06, 2024; 1:15:58 AM -0500 |
V4.0:(not available) V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2024-23304 |
Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain operations. Published: February 06, 2024; 12:15:10 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2024-24808 |
pyLoad is an open-source Download Manager written in pure Python. There is an open redirect vulnerability due to incorrect validation of input values when redirecting users after login. pyLoad is validating URLs via the `get_redirect_url` function when redirecting users at login. This vulnerability has been patched with commit fe94451. Published: February 05, 2024; 11:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2024-20828 |
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication. Published: February 05, 2024; 10:15:11 PM -0500 |
V4.0:(not available) V3.1: 4.6 MEDIUM V2.0:(not available) |
CVE-2024-20827 |
Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical attackers to access the picture using physical keyboard on the lockscreen. Published: February 05, 2024; 10:15:10 PM -0500 |
V4.0:(not available) V3.1: 4.6 MEDIUM V2.0:(not available) |
CVE-2024-20826 |
Implicit intent hijacking vulnerability in UPHelper library prior to version 4.0.0 allows local attackers to access sensitive information via implicit intent. Published: February 05, 2024; 10:15:10 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |