Filtered by vendor Samsung
Subscribe
Total
951 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-29152 | 1 Samsung | 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more | 2024-06-11 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 2400, 9110, W920, W930, Modem 5123, Modem 5300, and Auto T5123. The baseband software does not properly check states specified by the RRC (Radio Resource Control) Reconfiguration message. This can lead to disclosure of sensitive information. | |||||
| CVE-2023-41270 | 1 Samsung | 2 Ue40d7000, Ue40d7000 Firmware | 2024-05-17 | N/A | 4.3 MEDIUM |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools. | |||||
| CVE-2019-12087 | 1 Samsung | 6 S10, S10 Firmware, S9\+ and 3 more | 2024-05-17 | 4.9 MEDIUM | 5.5 MEDIUM |
| Samsung S9+, S10, and XCover 4 P(9.0) devices can become temporarily inoperable because of an unprotected intent in the ContainerAgent application. For example, the victim becomes stuck in a launcher with their Secure Folder locked. NOTE: the researcher mentions "the Samsung Security Team considered this issue as no/little security impact. | |||||
| CVE-2024-20820 | 1 Samsung | 1 Android | 2024-04-02 | N/A | 7.1 HIGH |
| Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read. | |||||
| CVE-2024-20814 | 1 Samsung | 1 Android | 2024-04-02 | N/A | 5.5 MEDIUM |
| Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information. | |||||
| CVE-2024-20810 | 1 Samsung | 1 Android | 2024-04-02 | N/A | 3.3 LOW |
| Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information. | |||||
| CVE-2024-20807 | 1 Samsung | 1 Email | 2024-04-02 | N/A | 3.3 LOW |
| Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows local attacker to get sensitive information. | |||||
| CVE-2024-20805 | 1 Samsung | 2 Android, Myfiles | 2024-04-02 | N/A | 5.5 MEDIUM |
| Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | |||||
| CVE-2024-20804 | 1 Samsung | 2 Android, Myfiles | 2024-04-02 | N/A | 5.5 MEDIUM |
| Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | |||||
| CVE-2023-42538 | 1 Samsung | 1 Android | 2024-03-12 | N/A | 7.8 HIGH |
| An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | |||||
| CVE-2023-42537 | 1 Samsung | 1 Android | 2024-03-12 | N/A | 7.8 HIGH |
| An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | |||||
| CVE-2023-42536 | 1 Samsung | 1 Android | 2024-03-12 | N/A | 7.8 HIGH |
| An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | |||||
| CVE-2023-42531 | 1 Samsung | 1 Android | 2024-03-12 | N/A | 7.1 HIGH |
| Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background. | |||||
| CVE-2023-30733 | 1 Samsung | 1 Android | 2024-03-12 | N/A | 7.8 HIGH |
| Stack-based Buffer Overflow in vulnerability HDCP trustlet prior to SMR Oct-2023 Release 1 allows local privileged attackers to perform code execution. | |||||
| CVE-2024-20819 | 1 Samsung | 1 Android | 2024-03-12 | N/A | 7.8 HIGH |
| Out-of-bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow. | |||||
| CVE-2024-20818 | 1 Samsung | 1 Android | 2024-03-12 | N/A | 7.8 HIGH |
| Out-of-bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow. | |||||
| CVE-2024-20817 | 1 Samsung | 1 Android | 2024-03-12 | N/A | 7.8 HIGH |
| Out-of-bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow. | |||||
| CVE-2024-23769 | 2 Microsoft, Samsung | 2 Windows, Magician | 2024-02-15 | N/A | 5.5 MEDIUM |
| Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data. | |||||
| CVE-2024-20816 | 1 Samsung | 1 Android | 2024-02-14 | N/A | 6.5 MEDIUM |
| Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness. | |||||
| CVE-2024-20815 | 1 Samsung | 1 Android | 2024-02-14 | N/A | 6.5 MEDIUM |
| Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness. | |||||