Improper access control in LedCoverService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
6.2CVSS
6.9AI Score
0.0004EPSS
Improper access control in SamsungHealthService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
6.2CVSS
6.9AI Score
0.0004EPSS
Improper access control in SmartThingsService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
6.2CVSS
6.9AI Score
0.0004EPSS
Improper access control in SamsungNotesService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
6.2CVSS
6.9AI Score
0.0004EPSS
Improper access control in PaymentManagerService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
6.2CVSS
6.9AI Score
0.0004EPSS
Improper access control in VoiceNoteService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
6.2CVSS
6.9AI Score
0.0004EPSS
Improper access control in ExtControlDeviceService prior to SMR Aug-2024 Release 1 allows local attackers to access protected data.
5.5CVSS
6.8AI Score
0.0004EPSS
Improper access control in KnoxService prior to SMR Aug-2024 Release 1 allows local attackers to get sensitive information.
5.5CVSS
6.7AI Score
0.0004EPSS
Out-of-bound write in libcodec2secmp4vdec.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.
7.8CVSS
7.6AI Score
0.0004EPSS
Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.
7.8CVSS
7.4AI Score
0.0004EPSS
Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to cause memory corruption.
7.8CVSS
5.2AI Score
0.0004EPSS
Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive data.
5.5CVSS
5.1AI Score
0.0004EPSS
Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.
4CVSS
4.3AI Score
0.0004EPSS
Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information.
4CVSS
4.2AI Score
0.0004EPSS
Improper input validation in librtp.so prior to SMR Aug-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
8.8CVSS
7.9AI Score
0.001EPSS
Improper privilege management in SumeNNService prior to SMR Aug-2024 Release 1 allows local attackers to start privileged service.
8.4CVSS
8.1AI Score
0.0004EPSS
Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background.
6.2CVSS
6.8AI Score
0.0004EPSS
Improper handling of exceptional conditions in ThemeCenter prior to SMR Sep-2024 Release 1 allows local attackers to delete non-preloaded applications.
7.1CVSS
6.8AI Score
0.0004EPSS
Improper handling of exceptional conditions in Setupwizard prior to SMR Aug-2024 Release 1 allows physical attackers to bypass proper validation.
4.6CVSS
6.8AI Score
0.0004EPSS
Improper access control vulnerability in BGProtectManager prior to SMR Sep-2024 Release 1 allows local attackers to bypass restriction of process expiration.
3.3CVSS
6.9AI Score
0.0004EPSS
Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration.
5.1CVSS
6.8AI Score
0.0004EPSS
Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information.
4.6CVSS
6.7AI Score
0.001EPSS
Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.
5.5CVSS
6.8AI Score
0.001EPSS
Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.
5.5CVSS
6.8AI Score
0.001EPSS
Improper input validation in ThemeCenter prior to SMR Sep-2024 Release 1 allows physical attackers to install privileged applications.
6.1CVSS
6.7AI Score
0.0004EPSS
Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service.
6.6CVSS
6.8AI Score
0.0004EPSS
Incorrect use of privileged API in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to knox without proper license.
5.5CVSS
6.8AI Score
0.0004EPSS
Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data.
5.5CVSS
6.7AI Score
0.0004EPSS
Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen.
2.4CVSS
6.8AI Score
0.0004EPSS
Incorrect authorization in CocktailbarService prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to Edge panel.
4CVSS
6.8AI Score
0.0004EPSS
Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files.
6.2CVSS
6.8AI Score
0.0004EPSS
Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage.
4CVSS
6.6AI Score
0.0004EPSS
Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access directories with My Files' privilege.
4.6CVSS
6.8AI Score
0.001EPSS
Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege.
6.2CVSS
6.8AI Score
0.0004EPSS
Incorrect use of privileged API in UniversalCredentialManager prior to SMR Sep-2024 Release 1 allows local attackers to access privileged API related to UniversalCredentialManager.
6.2CVSS
6.8AI Score
0.0004EPSS