Search Results (11736 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-48295 1 Huawei 2 Emui, Harmonyos 2025-03-25 7.5 High
The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of applications).
CVE-2022-30564 1 Dahuasecurity 194 Ipc-hf5241f-ze, Ipc-hf5241f-ze Firmware, Ipc-hf5442f-ze and 191 more 2025-03-25 5.3 Medium
Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time.
CVE-2022-48301 1 Huawei 2 Emui, Harmonyos 2025-03-24 7.5 High
The bundle management module lacks permission verification in some APIs. Successful exploitation of this vulnerability may restore the pre-installed apps that have been uninstalled.
CVE-2022-48294 1 Huawei 2 Emui, Harmonyos 2025-03-24 7.5 High
The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2023-21421 1 Samsung 1 Android 2025-03-24 5.9 Medium
Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN.
CVE-2023-21422 1 Samsung 1 Android 2025-03-24 5.7 Medium
Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.
CVE-2023-21423 1 Samsung 1 Android 2025-03-24 5.1 Medium
Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.
CVE-2023-21424 1 Samsung 1 Android 2025-03-24 5.1 Medium
Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand.
CVE-2023-21425 1 Samsung 1 Android 2025-03-24 4.3 Medium
Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1 allows local attackers to get sensitive information.
CVE-2023-21427 1 Samsung 1 Android 2025-03-24 5.4 Medium
Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition.
CVE-2023-24688 1 Mojoportal 1 Mojoportal 2025-03-24 5.3 Medium
An issue in Mojoportal v2.7.0.0 allows an unauthenticated attacker to register a new user even if the Allow User Registrations feature is disabled.
CVE-2023-21429 1 Samsung 1 Android 2025-03-24 4 Medium
Improper usage of implict intent in ePDG prior to SMR JAN-2023 Release 1 allows attacker to access SSID.
CVE-2023-21442 1 Samsung 1 Android 2025-03-24 4 Medium
Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information.
CVE-2023-21445 1 Samsung 1 Android 2025-03-24 5.5 Medium
Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent.
CVE-2023-21447 1 Samsung 1 Cloud 2025-03-24 4 Medium
Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent.
CVE-2023-21419 1 Google 1 Android 2025-03-24 4.3 Medium
An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition.
CVE-2023-21432 1 Samsung 1 Smart Things 2025-03-24 4.2 Medium
Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner.
CVE-2023-21433 1 Samsung 1 Galaxy Store 2025-03-24 7.8 High
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
CVE-2023-21436 1 Samsung 1 Android 2025-03-24 3.3 Low
Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.
CVE-2023-21437 1 Samsung 1 Android 2025-03-24 4 Medium
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast.