CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-34622
https://notcve.org/view.php?id=CVE-2024-34622
Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege. • https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=08 •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-34619
https://notcve.org/view.php?id=CVE-2024-34619
Improper input validation in librtp.so prior to SMR Aug-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=08 •
CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-34614
https://notcve.org/view.php?id=CVE-2024-34614
Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=08 •
CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-34612
https://notcve.org/view.php?id=CVE-2024-34612
Out-of-bound write in libcodec2secmp4vdec.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=08 •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-41239
https://notcve.org/view.php?id=CVE-2024-41239
A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in Kashipara Responsive School Management System v1.0, which allows remote attackers to execute arbitrary code via "class_name" parameter field. A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "class_name" parameter field. • https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Responsive%20School%20Management%20System%20v3.2.0/Stored%20XSS.pdf https://www.kashipara.com/project/php/12362/responsive-school-management-system-php-project-source-code • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •