Total
243 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-20805 | 1 Samsung | 2 Android, Myfiles | 2024-11-21 | N/A | 3.3 LOW |
| Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | |||||
| CVE-2024-20804 | 1 Samsung | 2 Android, Myfiles | 2024-11-21 | N/A | 4.0 MEDIUM |
| Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | |||||
| CVE-2024-20803 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 6.8 MEDIUM |
| Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction. | |||||
| CVE-2023-42577 | 1 Samsung | 2 Android, Samsung Voice Recorder | 2024-11-21 | N/A | 6.8 MEDIUM |
| Improper Access Control in Samsung Voice Recorder prior to versions 21.4.15.01 in Android 12 and Android 13, 21.4.50.17 in Android 14 allows physical attackers to access Voice Recorder information on the lock screen. | |||||
| CVE-2023-42570 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
| Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN. | |||||
| CVE-2023-42569 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
| Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji. | |||||
| CVE-2023-42552 | 1 Samsung | 2 Android, Firewall | 2024-11-21 | N/A | 4.4 MEDIUM |
| Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall. | |||||
| CVE-2023-42545 | 1 Samsung | 2 Android, Phone | 2024-11-21 | N/A | 5.5 MEDIUM |
| Use of implicit intent for sensitive communication vulnerability in Phone prior to versions 12.7.20.12 in Android 11, 13.1.48, 13.5.28 in Android 12, and 14.7.38 in Android 13 allows attackers to access location data. | |||||
| CVE-2023-42538 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
| An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | |||||
| CVE-2023-42537 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 8.4 HIGH |
| An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | |||||
| CVE-2023-42536 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 8.4 HIGH |
| An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | |||||
| CVE-2023-42535 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 8.4 HIGH |
| Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-42534 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 6.3 MEDIUM |
| Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows local attackers to read arbitrary files with system privilege. | |||||
| CVE-2023-42533 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 6.6 MEDIUM |
| Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in Kernel. | |||||
| CVE-2023-42532 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
| Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information. | |||||
| CVE-2023-42531 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 6.2 MEDIUM |
| Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background. | |||||
| CVE-2023-42530 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
| Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction. | |||||
| CVE-2023-42529 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
| Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
| CVE-2023-42528 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
| Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-42527 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.6 MEDIUM |
| Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information. | |||||