mobile devices
CVEs (911)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-34605 | 0.00 | — | 0.00 | Aug 7, 2024 | Improper access control in SamsungHealthService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | |||
| CVE-2024-34604 | 0.00 | — | 0.00 | Aug 7, 2024 | Improper access control in LedCoverService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | |||
| CVE-2024-34603 | 0.00 | — | 0.00 | Jul 8, 2024 | Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data. | |||
| CVE-2024-34602 | 0.00 | — | 0.00 | Jul 8, 2024 | Use of implicit intent for sensitive communication in Samsung Messages prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34595 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. | |||
| CVE-2024-34594 | 0.00 | — | 0.00 | Jul 2, 2024 | Exposure of sensitive information in proc file system prior to SMR Jul-2024 Release 1 allows local attackers to read kernel memory address. | |||
| CVE-2024-34593 | 0.00 | — | 0.01 | Jul 2, 2024 | Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34592 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper input validation in parsing RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34591 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34590 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper input validation혻in parsing an item type from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34589 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper input validation in parsing RTCP RR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34588 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper input validation혻in parsing RTCP SR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34587 | 0.00 | — | 0.01 | Jul 2, 2024 | Improper input validation in parsing application information from RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-34586 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local attackers to configure Knox privacy policy. | |||
| CVE-2024-34585 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper access control in launchApp of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. | |||
| CVE-2024-34583 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers to get device identifier. | |||
| CVE-2024-20901 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper input validation in copying data to buffer cache in libsaped prior to SMR Jul-2024 Release 1 allows local attackers to write out-of-bounds memory. | |||
| CVE-2024-20900 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers to enter MTP mode without proper authentication. | |||
| CVE-2024-20899 | 0.00 | — | 0.00 | Jul 2, 2024 | Use of implicit intent for sensitive communication in RCS function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. | |||
| CVE-2024-20898 | 0.00 | — | 0.00 | Jul 2, 2024 | Use of implicit intent for sensitive communication in SoftphoneClient in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. |
- CVE-2024-34605Aug 7, 2024risk 0.00cvss —epss 0.00
Improper access control in SamsungHealthService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
- CVE-2024-34604Aug 7, 2024risk 0.00cvss —epss 0.00
Improper access control in LedCoverService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
- CVE-2024-34603Jul 8, 2024risk 0.00cvss —epss 0.00
Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data.
- CVE-2024-34602Jul 8, 2024risk 0.00cvss —epss 0.00
Use of implicit intent for sensitive communication in Samsung Messages prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.
- CVE-2024-34595Jul 2, 2024risk 0.00cvss —epss 0.00
Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.
- CVE-2024-34594Jul 2, 2024risk 0.00cvss —epss 0.00
Exposure of sensitive information in proc file system prior to SMR Jul-2024 Release 1 allows local attackers to read kernel memory address.
- CVE-2024-34593Jul 2, 2024risk 0.00cvss —epss 0.01
Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
- CVE-2024-34592Jul 2, 2024risk 0.00cvss —epss 0.00
Improper input validation in parsing RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.
- CVE-2024-34591Jul 2, 2024risk 0.00cvss —epss 0.00
Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.
- CVE-2024-34590Jul 2, 2024risk 0.00cvss —epss 0.00
Improper input validation혻in parsing an item type from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.
- CVE-2024-34589Jul 2, 2024risk 0.00cvss —epss 0.00
Improper input validation in parsing RTCP RR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.
- CVE-2024-34588Jul 2, 2024risk 0.00cvss —epss 0.00
Improper input validation혻in parsing RTCP SR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.
- CVE-2024-34587Jul 2, 2024risk 0.00cvss —epss 0.01
Improper input validation in parsing application information from RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
- CVE-2024-34586Jul 2, 2024risk 0.00cvss —epss 0.00
Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local attackers to configure Knox privacy policy.
- CVE-2024-34585Jul 2, 2024risk 0.00cvss —epss 0.00
Improper access control in launchApp of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.
- CVE-2024-34583Jul 2, 2024risk 0.00cvss —epss 0.00
Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers to get device identifier.
- CVE-2024-20901Jul 2, 2024risk 0.00cvss —epss 0.00
Improper input validation in copying data to buffer cache in libsaped prior to SMR Jul-2024 Release 1 allows local attackers to write out-of-bounds memory.
- CVE-2024-20900Jul 2, 2024risk 0.00cvss —epss 0.00
Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers to enter MTP mode without proper authentication.
- CVE-2024-20899Jul 2, 2024risk 0.00cvss —epss 0.00
Use of implicit intent for sensitive communication in RCS function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.
- CVE-2024-20898Jul 2, 2024risk 0.00cvss —epss 0.00
Use of implicit intent for sensitive communication in SoftphoneClient in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.
Page 43 of 46