VYPR

Vendor CVEs

Samsung Mobile

All CVEs

2,204 total · sorted by risk
  • CVE-2024-34649Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen.

  • CVE-2024-34648Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data.

  • CVE-2024-34647Sep 4, 2024
    risk 0.00cvss epss 0.00

    Incorrect use of privileged API in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to knox without proper license.

  • CVE-2024-34646Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service.

  • CVE-2024-34645Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper input validation in ThemeCenter prior to SMR Sep-2024 Release 1 allows physical attackers to install privileged applications.

  • CVE-2024-34644Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.

  • CVE-2024-34643Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.

  • CVE-2024-34642Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information.

  • CVE-2024-34641Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration.

  • CVE-2024-34640Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper access control vulnerability in BGProtectManager prior to SMR Sep-2024 Release 1 allows local attackers to bypass restriction of process expiration.

  • CVE-2024-34639Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper handling of exceptional conditions in Setupwizard prior to SMR Aug-2024 Release 1 allows physical attackers to bypass proper validation.

  • CVE-2024-34638Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper handling of exceptional conditions in ThemeCenter prior to SMR Sep-2024 Release 1 allows local attackers to delete non-preloaded applications.

  • CVE-2024-34637Sep 4, 2024
    risk 0.00cvss epss 0.00

    Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background.

  • CVE-2024-39771Aug 28, 2024
    risk 0.00cvss epss 0.00

    QBiC CLOUD CC-2L v1.1.30 and earlier and Safie One v1.8.2 and earlier do not properly validate certificates, which may allow a network-adjacent unauthenticated attacker to obtain and/or alter communications of the affected product via a man-in-the-middle attack.

  • CVE-2024-34636Aug 7, 2024
    risk 0.00cvss epss 0.00

    Use of implicit intent for sensitive communication in Samsung Email prior to version 6.1.94.2 allows local attackers to get sensitive information.

  • CVE-2024-34635Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.

  • CVE-2024-34634Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.

  • CVE-2024-34633Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.

  • CVE-2024-34632Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.

  • CVE-2024-34631Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

  • CVE-2024-34630Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying own binary with textbox in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

  • CVE-2024-34629Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying binary with text common object in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

  • CVE-2024-34628Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

  • CVE-2024-34627Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in parsing implemention in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

  • CVE-2024-34626Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying own binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

  • CVE-2024-34625Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

  • CVE-2024-34624Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

  • CVE-2024-34623Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds write in applying connected information in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege.

  • CVE-2024-34622Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege.

  • CVE-2024-34621Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

  • CVE-2024-34620Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper privilege management in SumeNNService prior to SMR Aug-2024 Release 1 allows local attackers to start privileged service.

  • CVE-2024-34619Aug 7, 2024
    risk 0.00cvss epss 0.01

    Improper input validation in librtp.so prior to SMR Aug-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

  • CVE-2024-34618Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information.

  • CVE-2024-34617Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.

  • CVE-2024-34616Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive data.

  • CVE-2024-34615Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to cause memory corruption.

  • CVE-2024-34614Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.

  • CVE-2024-34613Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper access control in Galaxy Watch prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive information of Galaxy watch.

  • CVE-2024-34612Aug 7, 2024
    risk 0.00cvss epss 0.00

    Out-of-bound write in libcodec2secmp4vdec.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.

  • CVE-2024-34611Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper access control in KnoxService prior to SMR Aug-2024 Release 1 allows local attackers to get sensitive information.

  • CVE-2024-34610Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper access control in ExtControlDeviceService prior to SMR Aug-2024 Release 1 allows local attackers to access protected data.

  • CVE-2024-34609Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper access control in VoiceNoteService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.

  • CVE-2024-34608Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper access control in PaymentManagerService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.

  • CVE-2024-34607Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper access control in SamsungNotesService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.

  • CVE-2024-34606Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper access control in SmartThingsService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.

  • CVE-2024-34605Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper access control in SamsungHealthService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.

  • CVE-2024-34604Aug 7, 2024
    risk 0.00cvss epss 0.00

    Improper access control in LedCoverService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.

  • CVE-2024-32671Jul 29, 2024
    risk 0.00cvss epss 0.00

    Heap-based Buffer Overflow vulnerability in Samsung Open Source Escargot JavaScript engine allows Overflow Buffers.This issue affects Escargot: 4.0.0.

  • CVE-2024-27386Jul 9, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile Processor Exynos 1380 and Exynos 1480 related to no input validation check on tag_len for tx coming from userspace, which can lead to heap overwrite.

  • CVE-2024-27385Jul 9, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile Processor Exynos 1380 and Exynos 1480 related to no input validation check on tag_len for rx coming from userspace, which can lead to heap overwrite.

Page 16 of 45