Tagged: Cybersecurity Alert

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the...

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by...

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by...

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the...

In Modem, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by...

In Modem, there is a possible application crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the...

The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrdersFiles() function in all versions up to, and including, 3.6.3. This makes it...

The BlockArt Blocks – Gutenberg Blocks, Page Builder Blocks ,WordPress Block Plugin, Sections & Template Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘timestamp’ attribute in all versions up to,...

Improper access control in MPLocalService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Improper export of android application components in Galaxy Store for Galaxy Watch prior to version 1.0.06.29 allows local attacker to install arbitrary application on Galaxy Store. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Incorrect default permissions in Samsung Cloud Assistant prior to version 8.0.03.8 allows local attacker to access partial data in sandbox. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12

Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=12