Filtered by vendor Samsung
Subscriptions
Total
1419 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49405 | 1 Samsung | 1 Pass | 2024-11-13 | 5.3 Medium |
| Improper authentication in Private Info in Samsung Pass in prior to version 4.4.04.7 allows physical attackers to access sensitive information in a specific scenario. | ||||
| CVE-2024-49406 | 1 Samsung | 1 Blockchain Keystore | 2024-11-13 | 6.7 Medium |
| Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16 allows local attackers to modify transaction. Root privilege is required for triggering this vulnerability. | ||||
| CVE-2024-49407 | 1 Samsung | 1 Flow | 2024-11-13 | 4.6 Medium |
| Improper access control in Samsung Flow prior to version 4.9.15.7 allows physical attackers to access data across multiple user profiles. | ||||
| CVE-2024-49408 | 1 Samsung | 2 Galaxy S24, Galaxy S24 Firmware | 2024-11-13 | 6.4 Medium |
| Out-of-bounds write in usb driver prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability. | ||||
| CVE-2024-49409 | 1 Samsung | 2 Galaxy S24, Galaxy S24 Firmware | 2024-11-13 | 6.4 Medium |
| Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability. | ||||
| CVE-2024-49401 | 1 Samsung | 1 Android | 2024-11-12 | 5.1 Medium |
| Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities. | ||||
| CVE-2024-34679 | 1 Samsung | 1 Android | 2024-11-12 | 4 Medium |
| Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege. | ||||
| CVE-2024-34674 | 1 Samsung | 1 Android | 2024-11-12 | 4.6 Medium |
| Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles. | ||||
| CVE-2024-34675 | 1 Samsung | 1 Android | 2024-11-12 | 2.4 Low |
| Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen. | ||||
| CVE-2024-34677 | 1 Samsung | 1 Android | 2024-11-12 | 4 Medium |
| Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate. | ||||
| CVE-2024-34680 | 1 Samsung | 1 Android | 2024-11-12 | 4 Medium |
| Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information. | ||||
| CVE-2024-34676 | 1 Samsung | 1 Android | 2024-11-12 | 4.4 Medium |
| Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34678 | 1 Samsung | 1 Android | 2024-11-12 | 5.9 Medium |
| Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. | ||||
| CVE-2024-49402 | 1 Samsung | 1 Android | 2024-11-12 | 4.6 Medium |
| Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles. | ||||
| CVE-2024-34669 | 1 Samsung | 1 Android | 2024-11-01 | 7.5 High |
| Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34668 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-10-30 | 7.5 High |
| Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34667 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-10-30 | 7.5 High |
| Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34666 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-10-30 | 7.5 High |
| Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34665 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-10-30 | 7.5 High |
| Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-31960 | 2 Samsung, Samsung Mobile | 5 Exynos 1480, Exynos 1480 Firmware, Exynos 2400 and 2 more | 2024-09-24 | 7.8 High |
| An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference count bug. This can lead to a use after free. | ||||