Lucene search
K

25 matches found

Cvelist
Cvelist
added 2024/11/06 2:17 a.m.33 views

CVE-2024-49409

Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability...

6.4CVSS0.00135EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/06 2:17 a.m.14 views

CVE-2024-49409

Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability...

6.4CVSS6.8AI score0.00135EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/05 12:0 a.m.8 views

PT-2024-33519 · Samsung · Galaxy S24

Name of the Vulnerable Software and Affected Versions: Galaxy S24 versions prior to Firmware update Sep-2024 Release Description: The issue is an out-of-bounds write in the usb driver, allowing local attackers to write out-of-bounds memory. This requires system privilege to trigger...

6.7CVSS7.1AI score0.00135EPSS
Exploits0References4
CVE
CVE
added 2024/10/08 6:30 a.m.55 views

CVE-2024-34662

CVE-2024-34662 involves improper access control in Android’s ActivityManager. The issue affects select Android 12 and 13 earlier than SMR Oct-2024 Release 1, and select Android 14 earlier than SMR Sep-2024 Release 1, enabling local attackers to perform privileged actions. Mitigation is via update...

7.8CVSS7.1AI score0.0014EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/09/04 6:15 a.m.26 views

CVE-2024-34654

Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege...

6.2CVSS0.00137EPSS
Exploits0References1
NVD
NVD
added 2024/09/04 6:15 a.m.32 views

CVE-2024-34655

Incorrect use of privileged API in UniversalCredentialManager prior to SMR Sep-2024 Release 1 allows local attackers to access privileged API related to UniversalCredentialManager...

6.2CVSS0.00137EPSS
Exploits0References1
NVD
NVD
added 2024/09/04 6:15 a.m.33 views

CVE-2024-34650

Incorrect authorization in CocktailbarService prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to Edge panel...

4CVSS0.00132EPSS
Exploits0References1
NVD
NVD
added 2024/09/04 6:15 a.m.15 views

CVE-2024-34646

Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service...

6.6CVSS0.00127EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/04 5:32 a.m.29 views

CVE-2024-34655

Incorrect use of privileged API in UniversalCredentialManager prior to SMR Sep-2024 Release 1 allows local attackers to access privileged API related to UniversalCredentialManager...

6.2CVSS0.00137EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/04 5:32 a.m.21 views

CVE-2024-34655

Incorrect use of privileged API in UniversalCredentialManager prior to SMR Sep-2024 Release 1 allows local attackers to access privileged API related to UniversalCredentialManager...

6.2CVSS6.6AI score0.00137EPSS
Exploits0References1
CVE
CVE
added 2024/09/04 5:32 a.m.50 views

CVE-2024-34653

CVE-2024-34653 describes a path-traversal vulnerability in Samsung Mobile’s My Files prior to SMR Sep-2024 Release 1. The issue permits a physical attacker to access directories using My Files’ privileges, indicating a local/physical attack surface with impact on confidentiality but not integrity...

4.6CVSS6.8AI score0.00253EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/09/04 5:32 a.m.52 views

CVE-2024-34652

The CVE-2024-34652 entry corresponds to an incorrect authorization issue in the kperfmon component of Samsung Mobile devices prior to SMR Sep-2024 Release 1. The vulnerability allows local attackers to access performance-related information, including app usage. Affected scope and root cause are ...

4CVSS6.6AI score0.00132EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/09/04 5:32 a.m.27 views

CVE-2024-34652

Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage...

4CVSS0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/04 5:32 a.m.24 views

CVE-2024-34652

Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage...

4CVSS6.4AI score0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/04 5:32 a.m.15 views

CVE-2024-34651

Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files...

6.2CVSS6.6AI score0.00129EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/04 5:32 a.m.12 views

CVE-2024-34649

Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen...

2.4CVSS6.6AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2024/09/04 5:32 a.m.46 views

CVE-2024-34649

CVE-2024-34649 describes an improper access control flaw in the Dex Mode of Samsung’s multitasking framework, before SMR Sep-2024 Release 1. The issue could allow a physical attacker to temporarily access an unlocked screen. Affected context is limited to Samsung Mobile devices with the Dex Mode/...

2.4CVSS6.8AI score0.00192EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/04 5:32 a.m.17 views

CVE-2024-34646

Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service...

6.6CVSS6.6AI score0.00127EPSS
Exploits0References1
CVE
CVE
added 2024/09/04 5:32 a.m.55 views

CVE-2024-34646

CVE-2024-34646 affects DualDarManagerProxy in Samsung Mobile devices prior to SMR Sep-2024 Release 1. The connected sources describe an improper access control vulnerability in that component, enabling local attackers to cause a local permanent denial of service. The issue is tied to the DualDarM...

6.6CVSS6.8AI score0.00127EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/09/04 5:32 a.m.54 views

CVE-2024-34645

The CVE-2024-34645 issue is confirmed in ThemeCenter prior to the SMR Sep-2024 Release 1. It stems from improper input validation, enabling a physical attacker to install privileged applications. Evidence across connected docs (PT-2024-26064, Red Hat/NVD/NEWS references) identifies ThemeCenter as...

6.1CVSS6.7AI score0.00207EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder