Filtered by vendor Samsung
Subscribe
Total
1008 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-20895 | 1 Samsung | 1 Android | 2024-07-05 | N/A | 5.5 MEDIUM |
| Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features. | |||||
| CVE-2024-20894 | 1 Samsung | 1 Android | 2024-07-05 | N/A | 4.3 MEDIUM |
| Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authentication under certain condition. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-20893 | 1 Samsung | 1 Android | 2024-07-05 | N/A | 7.8 HIGH |
| Improper input validation in libmediaextractorservice.so prior to SMR Jul-2024 Release 1 allows local attackers to trigger memory corruption. | |||||
| CVE-2024-20892 | 1 Samsung | 1 Android | 2024-07-05 | N/A | 7.8 HIGH |
| Improper verification of signature in FilterProvider prior to SMR Jul-2024 Release 1 allows local attackers to execute privileged behaviors. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-20891 | 1 Samsung | 1 Android | 2024-07-05 | N/A | 7.8 HIGH |
| Improper access control in launchFullscreenIntent of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2024-20890 | 1 Samsung | 1 Android | 2024-07-05 | N/A | 8.8 HIGH |
| Improper input validation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to trigger abnormal behavior. | |||||
| CVE-2024-20889 | 1 Samsung | 1 Android | 2024-07-05 | N/A | 4.3 MEDIUM |
| Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair with devices. | |||||
| CVE-2024-20888 | 1 Samsung | 1 Android | 2024-07-05 | N/A | 7.8 HIGH |
| Improper access control in OneUIHome prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34590 | 1 Samsung | 1 Android | 2024-07-03 | N/A | 4.3 MEDIUM |
| Improper input validation혻in parsing an item type from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-27374 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2024-07-03 | N/A | 7.8 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_publish_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite. | |||||
| CVE-2024-34601 | 1 Samsung | 1 Galaxystore | 2024-07-02 | N/A | 5.3 MEDIUM |
| Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore. | |||||
| CVE-2024-34600 | 1 Samsung | 1 Flow | 2024-07-02 | N/A | 3.3 LOW |
| Improper verification of intent by broadcast receiver vulnerability in Samsung Flow prior to version 4.9.13.0 allows local attackers to copy image files to external storage. | |||||
| CVE-2024-34599 | 2 Google, Samsung | 2 Android, Tips | 2024-07-02 | N/A | 3.3 LOW |
| Improper input validation in Tips prior to version 6.2.9.4 in Android 14 allows local attacker to send broadcast with Tips' privilege. | |||||
| CVE-2024-34597 | 1 Samsung | 1 Health | 2024-07-02 | N/A | 3.3 LOW |
| Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary document files to the sandbox of Samsung Health. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34596 | 1 Samsung | 1 Smartthings | 2024-07-02 | N/A | 7.5 HIGH |
| Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner. | |||||
| CVE-2024-34595 | 1 Samsung | 1 Android | 2024-07-02 | N/A | 7.8 HIGH |
| Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2024-34594 | 1 Samsung | 1 Android | 2024-07-02 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information in proc file system prior to SMR Jul-2024 Release 1 allows local attackers to read kernel memory address. | |||||
| CVE-2024-34593 | 1 Samsung | 1 Android | 2024-07-02 | N/A | 8.8 HIGH |
| Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34592 | 1 Samsung | 1 Android | 2024-07-02 | N/A | 4.3 MEDIUM |
| Improper input validation in parsing RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34591 | 1 Samsung | 1 Android | 2024-07-02 | N/A | 4.3 MEDIUM |
| Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | |||||