Filtered by vendor Samsung
Subscriptions
Filtered by product Android
Subscriptions
Total
331 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34682 | 1 Samsung | 1 Android | 2024-11-13 | 2.4 Low |
| Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode. | ||||
| CVE-2024-49404 | 1 Samsung | 2 Android, Video Player | 2024-11-13 | 5.5 Medium |
| Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users. | ||||
| CVE-2024-49401 | 1 Samsung | 1 Android | 2024-11-12 | 5.1 Medium |
| Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities. | ||||
| CVE-2024-34679 | 1 Samsung | 1 Android | 2024-11-12 | 4 Medium |
| Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege. | ||||
| CVE-2024-34674 | 1 Samsung | 1 Android | 2024-11-12 | 4.6 Medium |
| Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles. | ||||
| CVE-2024-34675 | 1 Samsung | 1 Android | 2024-11-12 | 2.4 Low |
| Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen. | ||||
| CVE-2024-34677 | 1 Samsung | 1 Android | 2024-11-12 | 4 Medium |
| Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate. | ||||
| CVE-2024-34680 | 1 Samsung | 1 Android | 2024-11-12 | 4 Medium |
| Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information. | ||||
| CVE-2024-34676 | 1 Samsung | 1 Android | 2024-11-12 | 4.4 Medium |
| Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34678 | 1 Samsung | 1 Android | 2024-11-12 | 5.9 Medium |
| Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. | ||||
| CVE-2024-49402 | 1 Samsung | 1 Android | 2024-11-12 | 4.6 Medium |
| Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles. | ||||
| CVE-2024-34669 | 1 Samsung | 1 Android | 2024-11-01 | 7.5 High |
| Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34668 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-10-30 | 7.5 High |
| Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34667 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-10-30 | 7.5 High |
| Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34666 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-10-30 | 7.5 High |
| Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34665 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-10-30 | 7.5 High |
| Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2024-34641 | 1 Samsung | 1 Android | 2024-09-06 | 5.1 Medium |
| Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration. | ||||
| CVE-2024-34637 | 1 Samsung | 1 Android | 2024-09-05 | 6.2 Medium |
| Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background. | ||||
| CVE-2024-34638 | 1 Samsung | 1 Android | 2024-09-05 | 6.7 Medium |
| Improper handling of exceptional conditions in ThemeCenter prior to SMR Sep-2024 Release 1 allows local attackers to delete non-preloaded applications. | ||||
| CVE-2024-34648 | 1 Samsung | 1 Android | 2024-09-05 | 5.1 Medium |
| Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data. | ||||