mobile devices
CVEs (911)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-34667 | 0.00 | — | 0.01 | Oct 8, 2024 | Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34666 | 0.00 | — | 0.01 | Oct 8, 2024 | Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34665 | 0.00 | — | 0.01 | Oct 8, 2024 | Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34664 | 0.00 | — | 0.00 | Oct 8, 2024 | Improper check for exception conditions in Knox Guard prior to SMR Oct-2024 Release 1 allows physical attackers to bypass Knox Guard in a multi-user environment. | |||
| CVE-2024-34663 | 0.00 | — | 0.00 | Oct 8, 2024 | Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory. | |||
| CVE-2024-34662 | 0.00 | — | 0.00 | Oct 8, 2024 | Improper access control in ActivityManager prior to SMR Oct-2024 Release 1 in select Android 12, 13 and SMR Sep-2024 Release 1 in select Android 14 allows local attackers to execute privileged behaviors. | |||
| CVE-2024-34655 | 0.00 | — | 0.00 | Sep 4, 2024 | Incorrect use of privileged API in UniversalCredentialManager prior to SMR Sep-2024 Release 1 allows local attackers to access privileged API related to UniversalCredentialManager. | |||
| CVE-2024-34654 | 0.00 | — | 0.00 | Sep 4, 2024 | Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege. | |||
| CVE-2024-34653 | 0.00 | — | 0.00 | Sep 4, 2024 | Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access directories with My Files' privilege. | |||
| CVE-2024-34652 | 0.00 | — | 0.00 | Sep 4, 2024 | Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage. | |||
| CVE-2024-34651 | 0.00 | — | 0.00 | Sep 4, 2024 | Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files. | |||
| CVE-2024-34650 | 0.00 | — | 0.00 | Sep 4, 2024 | Incorrect authorization in CocktailbarService prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to Edge panel. | |||
| CVE-2024-34649 | 0.00 | — | 0.00 | Sep 4, 2024 | Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen. | |||
| CVE-2024-34648 | 0.00 | — | 0.00 | Sep 4, 2024 | Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data. | |||
| CVE-2024-34647 | 0.00 | — | 0.00 | Sep 4, 2024 | Incorrect use of privileged API in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to knox without proper license. | |||
| CVE-2024-34646 | 0.00 | — | 0.00 | Sep 4, 2024 | Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service. | |||
| CVE-2024-34645 | 0.00 | — | 0.00 | Sep 4, 2024 | Improper input validation in ThemeCenter prior to SMR Sep-2024 Release 1 allows physical attackers to install privileged applications. | |||
| CVE-2024-34644 | 0.00 | — | 0.00 | Sep 4, 2024 | Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34643 | 0.00 | — | 0.00 | Sep 4, 2024 | Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34642 | 0.00 | — | 0.00 | Sep 4, 2024 | Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information. |
- CVE-2024-34667Oct 8, 2024risk 0.00cvss —epss 0.01
Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
- CVE-2024-34666Oct 8, 2024risk 0.00cvss —epss 0.01
Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
- CVE-2024-34665Oct 8, 2024risk 0.00cvss —epss 0.01
Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
- CVE-2024-34664Oct 8, 2024risk 0.00cvss —epss 0.00
Improper check for exception conditions in Knox Guard prior to SMR Oct-2024 Release 1 allows physical attackers to bypass Knox Guard in a multi-user environment.
- CVE-2024-34663Oct 8, 2024risk 0.00cvss —epss 0.00
Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory.
- CVE-2024-34662Oct 8, 2024risk 0.00cvss —epss 0.00
Improper access control in ActivityManager prior to SMR Oct-2024 Release 1 in select Android 12, 13 and SMR Sep-2024 Release 1 in select Android 14 allows local attackers to execute privileged behaviors.
- CVE-2024-34655Sep 4, 2024risk 0.00cvss —epss 0.00
Incorrect use of privileged API in UniversalCredentialManager prior to SMR Sep-2024 Release 1 allows local attackers to access privileged API related to UniversalCredentialManager.
- CVE-2024-34654Sep 4, 2024risk 0.00cvss —epss 0.00
Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege.
- CVE-2024-34653Sep 4, 2024risk 0.00cvss —epss 0.00
Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access directories with My Files' privilege.
- CVE-2024-34652Sep 4, 2024risk 0.00cvss —epss 0.00
Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage.
- CVE-2024-34651Sep 4, 2024risk 0.00cvss —epss 0.00
Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files.
- CVE-2024-34650Sep 4, 2024risk 0.00cvss —epss 0.00
Incorrect authorization in CocktailbarService prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to Edge panel.
- CVE-2024-34649Sep 4, 2024risk 0.00cvss —epss 0.00
Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen.
- CVE-2024-34648Sep 4, 2024risk 0.00cvss —epss 0.00
Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data.
- CVE-2024-34647Sep 4, 2024risk 0.00cvss —epss 0.00
Incorrect use of privileged API in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to knox without proper license.
- CVE-2024-34646Sep 4, 2024risk 0.00cvss —epss 0.00
Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service.
- CVE-2024-34645Sep 4, 2024risk 0.00cvss —epss 0.00
Improper input validation in ThemeCenter prior to SMR Sep-2024 Release 1 allows physical attackers to install privileged applications.
- CVE-2024-34644Sep 4, 2024risk 0.00cvss —epss 0.00
Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.
- CVE-2024-34643Sep 4, 2024risk 0.00cvss —epss 0.00
Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.
- CVE-2024-34642Sep 4, 2024risk 0.00cvss —epss 0.00
Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information.
Page 41 of 46