Filtered by vendor Samsung
Subscribe
Total
1324 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21492 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 4.4 MEDIUM |
| Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | |||||
| CVE-2023-29091 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-06 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP URI. | |||||
| CVE-2023-29092 | 1 Samsung | 8 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 5 more | 2025-01-28 | N/A | 7.8 HIGH |
| An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface. | |||||
| CVE-2023-31115 | 1 Samsung | 4 Exynos 5123, Exynos 5123 Firmware, Exynos 5300 and 1 more | 2025-01-07 | N/A | 7.5 HIGH |
| An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause changes to the activation mode of RCS via a crafted application. | |||||
| CVE-2023-31114 | 1 Samsung | 4 Exynos 5123, Exynos 5123 Firmware, Exynos 5300 and 1 more | 2025-01-07 | N/A | 9.1 CRITICAL |
| An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application. | |||||
| CVE-2023-31116 | 1 Samsung | 4 Exynos 5123, Exynos 5123 Firmware, Exynos 5300 and 1 more | 2025-01-07 | N/A | 9.8 CRITICAL |
| An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An incorrect default permission can cause unintended querying of RCS capability via a crafted application. | |||||
| CVE-2024-34601 | 1 Samsung | 1 Galaxy Store | 2025-01-03 | N/A | 5.3 MEDIUM |
| Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore. | |||||
| CVE-2024-20839 | 2 Google, Samsung | 2 Android, Voice Recorder | 2024-12-23 | N/A | 4.6 MEDIUM |
| Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers to access recording files on the lock screen. | |||||
| CVE-2024-20838 | 1 Samsung | 1 Internet | 2024-12-23 | N/A | 7.8 HIGH |
| Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitrary code. | |||||
| CVE-2024-20837 | 1 Samsung | 1 Internet | 2024-12-23 | N/A | 5.3 MEDIUM |
| Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction. | |||||
| CVE-2023-21513 | 1 Samsung | 1 Android | 2024-12-05 | N/A | 6.8 MEDIUM |
| Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition. | |||||
| CVE-2024-34662 | 1 Samsung | 1 Android | 2024-11-15 | N/A | 7.8 HIGH |
| Improper access control in ActivityManager prior to SMR Oct-2024 Release 1 in select Android 12, 13 and SMR Sep-2024 Release 1 in select Android 14 allows local attackers to execute privileged behaviors. | |||||
| CVE-2024-34673 | 1 Samsung | 1 Android | 2024-11-13 | N/A | 5.5 MEDIUM |
| Improper Input Validation in IpcProtocol in Modem prior to SMR Nov-2024 Release 1 allows local attackers to cause Denial-of-Service. | |||||
| CVE-2024-34682 | 1 Samsung | 1 Android | 2024-11-13 | N/A | 2.4 LOW |
| Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode. | |||||
| CVE-2024-49404 | 1 Samsung | 2 Android, Video Player | 2024-11-13 | N/A | 4.6 MEDIUM |
| Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users. | |||||
| CVE-2024-49403 | 1 Samsung | 1 Voice Recorder | 2024-11-13 | N/A | 4.6 MEDIUM |
| Improper access control in Samsung Voice Recorder prior to version 21.5.40.37 allows physical attackers to access recording files on the lock screen. | |||||
| CVE-2024-49405 | 1 Samsung | 1 Pass | 2024-11-13 | N/A | 4.6 MEDIUM |
| Improper authentication in Private Info in Samsung Pass in prior to version 4.4.04.7 allows physical attackers to access sensitive information in a specific scenario. | |||||
| CVE-2024-49406 | 1 Samsung | 1 Blockchain Keystore | 2024-11-13 | N/A | 4.4 MEDIUM |
| Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16 allows local attackers to modify transaction. Root privilege is required for triggering this vulnerability. | |||||
| CVE-2024-49407 | 1 Samsung | 1 Flow | 2024-11-13 | N/A | 4.6 MEDIUM |
| Improper access control in Samsung Flow prior to version 4.9.15.7 allows physical attackers to access data across multiple user profiles. | |||||
| CVE-2024-49409 | 1 Samsung | 2 Galaxy S24, Galaxy S24 Firmware | 2024-11-13 | N/A | 6.7 MEDIUM |
| Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability. | |||||