CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49402
https://notcve.org/view.php?id=CVE-2024-49402
06 Nov 2024 — Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49401
https://notcve.org/view.php?id=CVE-2024-49401
06 Nov 2024 — Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVSS: 2.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-34682
https://notcve.org/view.php?id=CVE-2024-34682
06 Nov 2024 — Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34681
https://notcve.org/view.php?id=CVE-2024-34681
06 Nov 2024 — Improper input validation in BluetoothAdapter prior to SMR Nov-2024 Release 1 allows local attackers to cause local permanent denial of service on Galaxy Watch. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34680
https://notcve.org/view.php?id=CVE-2024-34680
06 Nov 2024 — Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34679
https://notcve.org/view.php?id=CVE-2024-34679
06 Nov 2024 — Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34678
https://notcve.org/view.php?id=CVE-2024-34678
06 Nov 2024 — Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34677
https://notcve.org/view.php?id=CVE-2024-34677
06 Nov 2024 — Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34676
https://notcve.org/view.php?id=CVE-2024-34676
06 Nov 2024 — Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34675
https://notcve.org/view.php?id=CVE-2024-34675
06 Nov 2024 — Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=11 •