Filtered by vendor Samsung
Subscribe
Total
989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-49408 | 1 Samsung | 2 Galaxy S24, Galaxy S24 Firmware | 2024-11-13 | N/A | 6.7 MEDIUM |
| Out-of-bounds write in usb driver prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability. | |||||
| CVE-2024-49409 | 1 Samsung | 2 Galaxy S24, Galaxy S24 Firmware | 2024-11-13 | N/A | 6.7 MEDIUM |
| Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability. | |||||
| CVE-2024-49401 | 1 Samsung | 1 Android | 2024-11-12 | N/A | 7.1 HIGH |
| Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2024-34679 | 1 Samsung | 1 Android | 2024-11-12 | N/A | 7.1 HIGH |
| Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege. | |||||
| CVE-2024-34674 | 1 Samsung | 1 Android | 2024-11-12 | N/A | 4.6 MEDIUM |
| Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles. | |||||
| CVE-2024-34675 | 1 Samsung | 1 Android | 2024-11-12 | N/A | 4.6 MEDIUM |
| Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen. | |||||
| CVE-2024-34677 | 1 Samsung | 1 Android | 2024-11-12 | N/A | 3.3 LOW |
| Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate. | |||||
| CVE-2024-34680 | 1 Samsung | 1 Android | 2024-11-12 | N/A | 5.5 MEDIUM |
| Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information. | |||||
| CVE-2024-34676 | 1 Samsung | 1 Android | 2024-11-12 | N/A | 7.3 HIGH |
| Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34678 | 1 Samsung | 1 Android | 2024-11-12 | N/A | 7.8 HIGH |
| Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. | |||||
| CVE-2024-49402 | 1 Samsung | 1 Android | 2024-11-12 | N/A | 4.6 MEDIUM |
| Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles. | |||||
| CVE-2024-27360 | 1 Samsung | 16 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 13 more | 2024-10-30 | N/A | 7.5 HIGH |
| A vulnerability was discovered in Samsung Mobile Processors Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, and Exynos W930 where they do not properly check length of the data, which can lead to a Denial of Service. | |||||
| CVE-2024-28067 | 1 Samsung | 2 Exynos Modem 5300, Exynos Modem 5300 Firmware | 2024-10-30 | N/A | 3.7 LOW |
| A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victim in plaintext. | |||||
| CVE-2024-34668 | 1 Samsung | 1 Android | 2024-10-30 | N/A | 8.8 HIGH |
| Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34667 | 1 Samsung | 1 Android | 2024-10-30 | N/A | 8.8 HIGH |
| Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34666 | 1 Samsung | 1 Android | 2024-10-30 | N/A | 8.8 HIGH |
| Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34665 | 1 Samsung | 1 Android | 2024-10-30 | N/A | 8.8 HIGH |
| Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34669 | 1 Samsung | 1 Android | 2024-10-30 | N/A | 8.8 HIGH |
| Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-29152 | 1 Samsung | 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more | 2024-10-27 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) Reconfiguration message. This can lead to disclosure of sensitive information. | |||||
| CVE-2023-30691 | 1 Samsung | 1 Android | 2024-10-11 | N/A | 7.8 HIGH |
| Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation. | |||||