Filtered by vendor Samsung
Subscriptions
Total
1118 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-34599 | 2 Google, Samsung | 2 Android, Tips | 2024-11-21 | 4 Medium |
Improper input validation in Tips prior to version 6.2.9.4 in Android 14 allows local attacker to send broadcast with Tips' privilege. | ||||
CVE-2024-34597 | 1 Samsung | 1 Health | 2024-11-21 | 4.4 Medium |
Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary document files to the sandbox of Samsung Health. User interaction is required for triggering this vulnerability. | ||||
CVE-2024-34596 | 1 Samsung | 1 Smartthings | 2024-11-21 | 5.9 Medium |
Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner. | ||||
CVE-2024-34595 | 1 Samsung | 1 Android | 2024-11-21 | 7.8 High |
Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. | ||||
CVE-2024-34594 | 1 Samsung | 1 Android | 2024-11-21 | 5.5 Medium |
Exposure of sensitive information in proc file system prior to SMR Jul-2024 Release 1 allows local attackers to read kernel memory address. | ||||
CVE-2024-34593 | 1 Samsung | 1 Android | 2024-11-21 | 7.5 High |
Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
CVE-2024-34592 | 1 Samsung | 1 Android | 2024-11-21 | 5.3 Medium |
Improper input validation in parsing RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | ||||
CVE-2024-34591 | 1 Samsung | 1 Android | 2024-11-21 | 5.3 Medium |
Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | ||||
CVE-2024-34590 | 1 Samsung | 1 Android | 2024-11-21 | 5.3 Medium |
Improper input validation혻in parsing an item type from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | ||||
CVE-2024-34589 | 1 Samsung | 1 Android | 2024-11-21 | 5.3 Medium |
Improper input validation in parsing RTCP RR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | ||||
CVE-2024-34588 | 1 Samsung | 1 Android | 2024-11-21 | 5.3 Medium |
Improper input validation혻in parsing RTCP SR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | ||||
CVE-2024-34587 | 1 Samsung | 1 Android | 2024-11-21 | 7.5 High |
Improper input validation in parsing application information from RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
CVE-2024-34586 | 1 Samsung | 1 Android | 2024-11-21 | 5.9 Medium |
Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local attackers to configure Knox privacy policy. | ||||
CVE-2024-34585 | 1 Samsung | 1 Android | 2024-11-21 | 7.8 High |
Improper access control in launchApp of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. | ||||
CVE-2024-34583 | 1 Samsung | 1 Android | 2024-11-21 | 4 Medium |
Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers to get device identifier. | ||||
CVE-2024-32671 | 1 Samsung | 1 Escargot | 2024-11-21 | 9.8 Critical |
Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0. | ||||
CVE-2024-32670 | 1 Samsung | 1 Galaxy Smarttag2 | 2024-11-21 | N/A |
Exposure of Sensitive Information to an Unauthorized Actor in Samsung Galaxy SmartTag2 prior to 0.20.04 allows attackes to potentially identify the tag's location by scanning the BLE adversting. | ||||
CVE-2024-32504 | 1 Samsung | 16 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 13 more | 2024-11-21 | 8.4 High |
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write vulnerability. | ||||
CVE-2024-32503 | 1 Samsung | 16 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 13 more | 2024-11-21 | 8.4 High |
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper memory deallocation checking, which can result in a UAF (Use-After-Free) vulnerability. | ||||
CVE-2024-31959 | 1 Samsung | 3 Exynos 1480, Exynos 2200, Exynos 2400 | 2024-11-21 | 8.4 High |
An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code execution. |