Vendor CVEs
Samsung Mobile
All CVEs
2,204 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-20915 | 0.00 | — | 0.00 | Mar 6, 2025 | Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||
| CVE-2025-20914 | 0.00 | — | 0.00 | Mar 6, 2025 | Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||
| CVE-2025-20913 | 0.00 | — | 0.00 | Mar 6, 2025 | Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||
| CVE-2025-20912 | 0.00 | — | 0.00 | Mar 6, 2025 | Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data within Galaxy Watch. | |||
| CVE-2025-20911 | 0.00 | — | 0.00 | Mar 6, 2025 | Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch. | |||
| CVE-2025-20910 | 0.00 | — | 0.00 | Mar 6, 2025 | Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery. | |||
| CVE-2025-20909 | 0.00 | — | 0.00 | Mar 6, 2025 | Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1 allows local attackers to access sensitive information. | |||
| CVE-2025-20908 | 0.00 | — | 0.00 | Mar 6, 2025 | Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting. | |||
| CVE-2025-20903 | 0.00 | — | 0.00 | Mar 6, 2025 | Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-52924 | 0.00 | — | 0.00 | Mar 6, 2025 | An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the… | |||
| CVE-2024-50600 | 0.00 | — | 0.00 | Mar 6, 2025 | An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access. An attacker can send a malformed message to the… | |||
| CVE-2024-52923 | 0.00 | — | 0.00 | Mar 6, 2025 | An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the… | |||
| CVE-2024-46923 | 0.00 | — | 0.01 | Feb 12, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_ib_fill in the Xclipse Driver. | |||
| CVE-2024-46922 | 0.00 | — | 0.01 | Feb 12, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_parser_bos in the Xclipse Driver. | |||
| CVE-2025-20907 | 0.00 | — | 0.00 | Feb 4, 2025 | Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privileged attackers to disable Samsung Find. | |||
| CVE-2025-20905 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to read and write out-of-bounds memory. | |||
| CVE-2025-20904 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption. | |||
| CVE-2025-20901 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds read in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to read out-of-bounds memory. | |||
| CVE-2025-20900 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds write in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to write out-of-bounds memory. | |||
| CVE-2025-20898 | 0.00 | — | 0.00 | Feb 4, 2025 | Improper input validation in Samsung Members prior to version 5.2.00.12 allows physical attackers to access data across multiple user profiles. | |||
| CVE-2025-20895 | 0.00 | — | 0.00 | Feb 4, 2025 | Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard. | |||
| CVE-2025-20894 | 0.00 | — | 0.00 | Feb 4, 2025 | Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles. | |||
| CVE-2025-20893 | 0.00 | — | 0.00 | Feb 4, 2025 | Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications. | |||
| CVE-2025-20892 | 0.00 | — | 0.00 | Feb 4, 2025 | Protection Mechanism Failure in bootloader prior to SMR Jan-2025 Release 1 allows physical attackers to allow to execute fastboot command. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-20891 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-20890 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-20889 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-20888 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-20887 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-20886 | 0.00 | — | 0.00 | Feb 4, 2025 | Inclusion of sensitive information in test code in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key. | |||
| CVE-2025-20885 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds write in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to cause memory corruption. | |||
| CVE-2025-20884 | 0.00 | — | 0.00 | Feb 4, 2025 | Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles. | |||
| CVE-2025-20883 | 0.00 | — | 0.00 | Feb 4, 2025 | Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles. | |||
| CVE-2025-20882 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-20881 | 0.00 | — | 0.00 | Feb 4, 2025 | Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-46919 | 0.00 | — | 0.00 | Jan 13, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadOutputBuffers. | |||
| CVE-2024-48883 | 0.00 | — | 0.00 | Jan 13, 2025 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling… | |||
| CVE-2024-46921 | 0.00 | — | 0.00 | Jan 13, 2025 | An issue was discovered in Samsung Mobile Processor and Modem Exynos 9820, 9825, 980, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W1000, Modem 5123, Modem 5300, Modem 5400. UE does not limit the number of attempts for the RRC Setup procedure in the 5G SA, leading… | |||
| CVE-2024-46920 | 0.00 | — | 0.00 | Jan 13, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadInputBuffers. | |||
| CVE-2024-49422 | 0.00 | — | 0.00 | Dec 31, 2024 | Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-49417 | 0.00 | — | 0.00 | Dec 3, 2024 | Use of implicit intent for sensitive communication in Smart Touch Call prior to 1.0.0.8 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability. | |||
| CVE-2024-49416 | 0.00 | — | 0.00 | Dec 3, 2024 | Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information. | |||
| CVE-2024-49414 | 0.00 | — | 0.00 | Dec 3, 2024 | Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows physical attackers to temporarily access to recent app list. | |||
| CVE-2024-49413 | 0.00 | — | 0.00 | Dec 3, 2024 | Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1 allows local attackers to install malicious applications. | |||
| CVE-2024-49411 | 0.00 | — | 0.00 | Dec 3, 2024 | Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege. | |||
| CVE-2024-49410 | 0.00 | — | 0.00 | Dec 3, 2024 | Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code. | |||
| CVE-2024-53921 | 0.00 | — | 0.00 | Dec 3, 2024 | An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process. | |||
| CVE-2024-39343 | 0.00 | — | 0.00 | Dec 2, 2024 | An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management) module, which can lead… | |||
| CVE-2024-39890 | 0.00 | — | 0.00 | Dec 2, 2024 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length… | |||
| CVE-2024-49409 | 0.00 | — | 0.00 | Nov 6, 2024 | Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability. |
- CVE-2025-20915Mar 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
- CVE-2025-20914Mar 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
- CVE-2025-20913Mar 6, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
- CVE-2025-20912Mar 6, 2025risk 0.00cvss —epss 0.00
Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data within Galaxy Watch.
- CVE-2025-20911Mar 6, 2025risk 0.00cvss —epss 0.00
Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch.
- CVE-2025-20910Mar 6, 2025risk 0.00cvss —epss 0.00
Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery.
- CVE-2025-20909Mar 6, 2025risk 0.00cvss —epss 0.00
Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1 allows local attackers to access sensitive information.
- CVE-2025-20908Mar 6, 2025risk 0.00cvss —epss 0.00
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting.
- CVE-2025-20903Mar 6, 2025risk 0.00cvss —epss 0.00
Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.
- CVE-2024-52924Mar 6, 2025risk 0.00cvss —epss 0.00
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the…
- CVE-2024-50600Mar 6, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access. An attacker can send a malformed message to the…
- CVE-2024-52923Mar 6, 2025risk 0.00cvss —epss 0.00
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of a boundary check during the…
- CVE-2024-46923Feb 12, 2025risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_ib_fill in the Xclipse Driver.
- CVE-2024-46922Feb 12, 2025risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_parser_bos in the Xclipse Driver.
- CVE-2025-20907Feb 4, 2025risk 0.00cvss —epss 0.00
Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privileged attackers to disable Samsung Find.
- CVE-2025-20905Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to read and write out-of-bounds memory.
- CVE-2025-20904Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption.
- CVE-2025-20901Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to read out-of-bounds memory.
- CVE-2025-20900Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to write out-of-bounds memory.
- CVE-2025-20898Feb 4, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Members prior to version 5.2.00.12 allows physical attackers to access data across multiple user profiles.
- CVE-2025-20895Feb 4, 2025risk 0.00cvss —epss 0.00
Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard.
- CVE-2025-20894Feb 4, 2025risk 0.00cvss —epss 0.00
Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles.
- CVE-2025-20893Feb 4, 2025risk 0.00cvss —epss 0.00
Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications.
- CVE-2025-20892Feb 4, 2025risk 0.00cvss —epss 0.00
Protection Mechanism Failure in bootloader prior to SMR Jan-2025 Release 1 allows physical attackers to allow to execute fastboot command. User interaction is required for triggering this vulnerability.
- CVE-2025-20891Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.
- CVE-2025-20890Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
- CVE-2025-20889Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.
- CVE-2025-20888Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
- CVE-2025-20887Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.
- CVE-2025-20886Feb 4, 2025risk 0.00cvss —epss 0.00
Inclusion of sensitive information in test code in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key.
- CVE-2025-20885Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to cause memory corruption.
- CVE-2025-20884Feb 4, 2025risk 0.00cvss —epss 0.00
Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.
- CVE-2025-20883Feb 4, 2025risk 0.00cvss —epss 0.00
Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.
- CVE-2025-20882Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
- CVE-2025-20881Feb 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
- CVE-2024-46919Jan 13, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadOutputBuffers.
- CVE-2024-48883Jan 13, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, and Modem 5300. The UE incorrectly handles a malformed uplink scheduling…
- CVE-2024-46921Jan 13, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor and Modem Exynos 9820, 9825, 980, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W1000, Modem 5123, Modem 5300, Modem 5400. UE does not limit the number of attempts for the RRC Setup procedure in the 5G SA, leading…
- CVE-2024-46920Jan 13, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadInputBuffers.
- CVE-2024-49422Dec 31, 2024risk 0.00cvss —epss 0.00
Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability.
- CVE-2024-49417Dec 3, 2024risk 0.00cvss —epss 0.00
Use of implicit intent for sensitive communication in Smart Touch Call prior to 1.0.0.8 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.
- CVE-2024-49416Dec 3, 2024risk 0.00cvss —epss 0.00
Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information.
- CVE-2024-49414Dec 3, 2024risk 0.00cvss —epss 0.00
Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows physical attackers to temporarily access to recent app list.
- CVE-2024-49413Dec 3, 2024risk 0.00cvss —epss 0.00
Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1 allows local attackers to install malicious applications.
- CVE-2024-49411Dec 3, 2024risk 0.00cvss —epss 0.00
Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege.
- CVE-2024-49410Dec 3, 2024risk 0.00cvss —epss 0.00
Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code.
- CVE-2024-53921Dec 3, 2024risk 0.00cvss —epss 0.00
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.
- CVE-2024-39343Dec 2, 2024risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management) module, which can lead…
- CVE-2024-39890Dec 2, 2024risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length…
- CVE-2024-49409Nov 6, 2024risk 0.00cvss —epss 0.00
Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability.
Page 14 of 45