CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34663
https://notcve.org/view.php?id=CVE-2024-34663
08 Oct 2024 — Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=10 •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34662
https://notcve.org/view.php?id=CVE-2024-34662
08 Oct 2024 — Improper access control in ActivityManager prior to SMR Oct-2024 Release 1 in select Android 12, 13 and SMR Sep-2024 Release 1 in select Android 14 allows local attackers to execute privileged behaviors. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=10 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-31960
https://notcve.org/view.php?id=CVE-2024-31960
10 Sep 2024 — An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference count bug. This can lead to a use after free. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-34623
https://notcve.org/view.php?id=CVE-2024-34623
07 Aug 2024 — Out-of-bounds write in applying connected information in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege. • https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=08 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-34619
https://notcve.org/view.php?id=CVE-2024-34619
07 Aug 2024 — Improper input validation in librtp.so prior to SMR Aug-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=08 •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20886
https://notcve.org/view.php?id=CVE-2024-20886
04 Jun 2024 — Arbitrary directory creation in Samsung Live Wallpaper PC prior to version 3.3.8.0 allows attacker to create arbitrary directory. La creación arbitraria de directorios en Samsung Live Wallpaper PC antes de la versión 3.3.8.0 permite al atacante crear directorios arbitrarios. • https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=06 •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20885
https://notcve.org/view.php?id=CVE-2024-20885
04 Jun 2024 — Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to make a call without proper permission. Una vulnerabilidad de protección de componentes incorrecta en Samsung Dialer anterior a SMR, versión 1 de mayo de 2024, permite a atacantes locales realizar una llamada sin el permiso adecuado. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=06 •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20872
https://notcve.org/view.php?id=CVE-2024-20872
07 May 2024 — Improper handling of insufficient privileges vulnerability in TalkbackSE prior to version Android 14 allows local attackers to modify setting value of TalkbackSE. El manejo inadecuado de la vulnerabilidad de privilegios insuficientes en TalkbackSE anterior a la versión Android 14 permite a atacantes locales modificar el valor de configuración de TalkbackSE. • https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=05 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20869
https://notcve.org/view.php?id=CVE-2024-20869
07 May 2024 — Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies. Una vulnerabilidad de gestión de privilegios inadecuada en Samsung Internet anterior a la versión 25.0.0.41 permite a atacantes locales eludir la protección de cookies. • https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=05 •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20862
https://notcve.org/view.php?id=CVE-2024-20862
07 May 2024 — Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code. La escritura fuera de los límites en SveService antes de SMR, mayo de 2024, versión 1, permite a atacantes locales con privilegios ejecutar código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=05 •