mobile devices
CVEs (911)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-20897 | 0.00 | — | 0.00 | Jul 2, 2024 | Use of implicit intent for sensitive communication in FCM function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. | |||
| CVE-2024-20896 | 0.00 | — | 0.00 | Jul 2, 2024 | Use of implicit intent for sensitive communication in Configuration message prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. | |||
| CVE-2024-20895 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features. | |||
| CVE-2024-20894 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authentication under certain condition. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-20893 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper input validation in libmediaextractorservice.so prior to SMR Jul-2024 Release 1 allows local attackers to trigger memory corruption. | |||
| CVE-2024-20892 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper verification of signature in FilterProvider prior to SMR Jul-2024 Release 1 allows local attackers to execute privileged behaviors. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-20891 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper access control in launchFullscreenIntent of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. | |||
| CVE-2024-20890 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper input validation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to trigger abnormal behavior. | |||
| CVE-2024-20889 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair with devices. | |||
| CVE-2024-20888 | 0.00 | — | 0.00 | Jul 2, 2024 | Improper access control in OneUIHome prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-20885 | 0.00 | — | 0.00 | Jun 4, 2024 | Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to make a call without proper permission. | |||
| CVE-2024-20884 | 0.00 | — | 0.00 | Jun 4, 2024 | Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API. | |||
| CVE-2024-20883 | 0.00 | — | 0.00 | Jun 4, 2024 | Incorrect use of privileged API vulnerability in registerBatteryStatsCallback in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API. | |||
| CVE-2024-20882 | 0.00 | — | 0.00 | Jun 4, 2024 | Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access. | |||
| CVE-2024-20881 | 0.00 | — | 0.00 | Jun 4, 2024 | Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code execution. | |||
| CVE-2024-20880 | 0.00 | — | 0.00 | Jun 4, 2024 | Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory. | |||
| CVE-2024-20879 | 0.00 | — | 0.00 | Jun 4, 2024 | Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds memory. | |||
| CVE-2024-20878 | 0.00 | — | 0.00 | Jun 4, 2024 | Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so prior to SMR June-2024 Release 1 allows local attackers to execute arbitrary code. | |||
| CVE-2024-20877 | 0.00 | — | 0.00 | Jun 4, 2024 | Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary code. | |||
| CVE-2024-20876 | 0.00 | — | 0.00 | Jun 4, 2024 | Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption. |
- CVE-2024-20897Jul 2, 2024risk 0.00cvss —epss 0.00
Use of implicit intent for sensitive communication in FCM function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.
- CVE-2024-20896Jul 2, 2024risk 0.00cvss —epss 0.00
Use of implicit intent for sensitive communication in Configuration message prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.
- CVE-2024-20895Jul 2, 2024risk 0.00cvss —epss 0.00
Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features.
- CVE-2024-20894Jul 2, 2024risk 0.00cvss —epss 0.00
Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authentication under certain condition. User interaction is required for triggering this vulnerability.
- CVE-2024-20893Jul 2, 2024risk 0.00cvss —epss 0.00
Improper input validation in libmediaextractorservice.so prior to SMR Jul-2024 Release 1 allows local attackers to trigger memory corruption.
- CVE-2024-20892Jul 2, 2024risk 0.00cvss —epss 0.00
Improper verification of signature in FilterProvider prior to SMR Jul-2024 Release 1 allows local attackers to execute privileged behaviors. User interaction is required for triggering this vulnerability.
- CVE-2024-20891Jul 2, 2024risk 0.00cvss —epss 0.00
Improper access control in launchFullscreenIntent of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.
- CVE-2024-20890Jul 2, 2024risk 0.00cvss —epss 0.00
Improper input validation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to trigger abnormal behavior.
- CVE-2024-20889Jul 2, 2024risk 0.00cvss —epss 0.00
Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair with devices.
- CVE-2024-20888Jul 2, 2024risk 0.00cvss —epss 0.00
Improper access control in OneUIHome prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.
- CVE-2024-20885Jun 4, 2024risk 0.00cvss —epss 0.00
Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to make a call without proper permission.
- CVE-2024-20884Jun 4, 2024risk 0.00cvss —epss 0.00
Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API.
- CVE-2024-20883Jun 4, 2024risk 0.00cvss —epss 0.00
Incorrect use of privileged API vulnerability in registerBatteryStatsCallback in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API.
- CVE-2024-20882Jun 4, 2024risk 0.00cvss —epss 0.00
Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access.
- CVE-2024-20881Jun 4, 2024risk 0.00cvss —epss 0.00
Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code execution.
- CVE-2024-20880Jun 4, 2024risk 0.00cvss —epss 0.00
Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory.
- CVE-2024-20879Jun 4, 2024risk 0.00cvss —epss 0.00
Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds memory.
- CVE-2024-20878Jun 4, 2024risk 0.00cvss —epss 0.00
Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so prior to SMR June-2024 Release 1 allows local attackers to execute arbitrary code.
- CVE-2024-20877Jun 4, 2024risk 0.00cvss —epss 0.00
Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary code.
- CVE-2024-20876Jun 4, 2024risk 0.00cvss —epss 0.00
Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption.
Page 44 of 46