Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.
5.5CVSS
6.8AI Score
0.001EPSS
Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.
5.5CVSS
6.8AI Score
0.001EPSS
Improper input validation in ThemeCenter prior to SMR Sep-2024 Release 1 allows physical attackers to install privileged applications.
6.1CVSS
6.7AI Score
0.0004EPSS
Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service.
6.6CVSS
6.8AI Score
0.0004EPSS
Incorrect use of privileged API in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to knox without proper license.
5.5CVSS
6.8AI Score
0.0004EPSS
Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data.
5.5CVSS
6.7AI Score
0.0004EPSS
Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen.
2.4CVSS
6.8AI Score
0.0004EPSS
Incorrect authorization in CocktailbarService prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to Edge panel.
4CVSS
6.8AI Score
0.0004EPSS
Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files.
6.2CVSS
6.8AI Score
0.0004EPSS
Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage.
4CVSS
6.6AI Score
0.0004EPSS
Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access directories with My Files' privilege.
4.6CVSS
6.8AI Score
0.001EPSS
Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege.
6.2CVSS
6.8AI Score
0.0004EPSS
Incorrect use of privileged API in UniversalCredentialManager prior to SMR Sep-2024 Release 1 allows local attackers to access privileged API related to UniversalCredentialManager.
6.2CVSS
6.8AI Score
0.0004EPSS
Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code.
7.8CVSS
7.6AI Score
0.0004EPSS
Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code.
9.8CVSS
8AI Score
0.001EPSS
7.1CVSS
6.9AI Score
0.0004EPSS
Exposure of sensitive information in GroupSharing prior to version 13.6.13.3 allows remote attackers can force the victim to join the group.
7.5CVSS
6.8AI Score
0.0005EPSS
Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code.
7.8CVSS
7.7AI Score
0.0004EPSS
Improper handling of insufficient permissions in Samsung Assistant prior to version 9.1.00.7 allows remote attackers to access location data. User interaction is required for triggering this vulnerability.
4.3CVSS
7.2AI Score
0.0005EPSS
The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018.
7.8CVSS
7.5AI Score
0.0004EPSS
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to write arbitrary file as system authority.
8.8CVSS
7AI Score
0.001EPSS