Filtered by vendor Samsung
Subscriptions
Total
1118 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-20839 | 2 Google, Samsung | 2 Android, Voice Recorder | 2024-12-23 | 4.6 Medium |
Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers to access recording files on the lock screen. | ||||
CVE-2024-20838 | 1 Samsung | 1 Internet | 2024-12-23 | 6.8 Medium |
Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitrary code. | ||||
CVE-2024-20837 | 1 Samsung | 1 Internet | 2024-12-23 | 5.3 Medium |
Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction. | ||||
CVE-2023-21513 | 1 Samsung | 1 Android | 2024-12-05 | 6.1 Medium |
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition. | ||||
CVE-2023-21517 | 1 Samsung | 1 Exynos | 2024-12-05 | 8.8 High |
Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. | ||||
CVE-2024-39890 | 1 Samsung | 1 Mobile Processor Wearable Processor And Modems | 2024-12-03 | 8.1 High |
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write. | ||||
CVE-2024-49413 | 1 Samsung | 1 Android | 2024-12-03 | 7.1 High |
Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1 allows local attackers to install malicious applications. | ||||
CVE-2024-49411 | 1 Samsung | 1 Android | 2024-12-03 | 4.3 Medium |
Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege. | ||||
CVE-2024-49414 | 1 Samsung | 1 Android | 2024-12-03 | 2.4 Low |
Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows physical attackers to temporarily access to recent app list. | ||||
CVE-2024-49415 | 1 Samsung | 1 Android | 2024-12-03 | 8.1 High |
Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code. | ||||
CVE-2023-42558 | 1 Samsung | 1 Android | 2024-12-02 | 6 Medium |
Out of bounds write vulnerability in HDCP in HAL prior to SMR Dec-2023 Release 1 allows attacker to perform code execution. | ||||
CVE-2023-42564 | 1 Samsung | 1 Android | 2024-12-02 | 6.6 Medium |
Improper access control in knoxcustom service prior to SMR Dec-2023 Release 1 allows attacker to send broadcast with system privilege. | ||||
CVE-2023-42571 | 1 Samsung | 1 Find My Mobile | 2024-12-02 | 7.6 High |
Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device. | ||||
CVE-2023-41268 | 1 Samsung | 1 Escargot | 2024-12-02 | 5.3 Medium |
Improper input validation vulnerability in Samsung Open Source Escargot allows stack overflow and segmentation fault. This issue affects Escargot: from 3.0.0 through 4.0.0. | ||||
CVE-2023-50803 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-11-26 | 3.7 Low |
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service. | ||||
CVE-2023-30644 | 1 Samsung | 1 Android | 2024-11-21 | 7.8 High |
Stack out of bound write vulnerability in CdmaSmsParser of RILD prior to SMR Jul-2023 Release 1 allows attackers to execute arbitrary code. | ||||
CVE-2024-34603 | 1 Samsung | 1 Android | 2024-11-21 | 4 Medium |
Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data. | ||||
CVE-2024-34602 | 1 Samsung | 1 Android | 2024-11-21 | 3.3 Low |
Use of implicit intent for sensitive communication in Samsung Messages prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability. | ||||
CVE-2024-34601 | 1 Samsung | 1 Galaxystore | 2024-11-21 | 5.9 Medium |
Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore. | ||||
CVE-2024-34600 | 1 Samsung | 1 Flow | 2024-11-21 | 4.4 Medium |
Improper verification of intent by broadcast receiver vulnerability in Samsung Flow prior to version 4.9.13.0 allows local attackers to copy image files to external storage. |