Lucene search

K
SamsungAndroid14.0

179 matches found

CVE
CVE
added 2024/12/03 6:15 a.m.39 views

CVE-2024-49411

Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege.

4.6CVSS4.7AI score0.00039EPSS
CVE
CVE
added 2024/04/02 3:15 a.m.38 views

CVE-2024-20843

Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code.

6.7CVSS7.4AI score0.0005EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.38 views

CVE-2024-20894

Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authentication under certain condition. User interaction is required for triggering this vulnerability.

4.3CVSS7AI score0.00041EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.38 views

CVE-2024-34651

Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files.

6.2CVSS6.8AI score0.00034EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.38 views

CVE-2024-34678

Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption.

7.8CVSS5.7AI score0.00033EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.38 views

CVE-2024-34680

Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information.

5.5CVSS4.3AI score0.00027EPSS
CVE
CVE
added 2024/12/03 6:15 a.m.38 views

CVE-2024-49410

Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code.

7.8CVSS6.1AI score0.00029EPSS
CVE
CVE
added 2024/12/03 6:15 a.m.38 views

CVE-2024-49414

Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows physical attackers to temporarily access to recent app list.

2.4CVSS3.6AI score0.00045EPSS
CVE
CVE
added 2024/12/03 6:15 a.m.38 views

CVE-2024-49415

Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code.

9.8CVSS8.4AI score0.00707EPSS
CVE
CVE
added 2025/05/07 9:15 a.m.38 views

CVE-2025-20955

Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images.

5.5CVSS5.3AI score0.00018EPSS
CVE
CVE
added 2024/02/06 3:15 a.m.37 views

CVE-2024-20812

Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.

8.4CVSS7.7AI score0.00064EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.37 views

CVE-2024-20890

Improper input validation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to trigger abnormal behavior.

8.8CVSS7AI score0.00059EPSS
CVE
CVE
added 2024/07/02 10:15 a.m.37 views

CVE-2024-34588

Improper input validation혻in parsing RTCP SR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.

6.5CVSS5.5AI score0.00297EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.37 views

CVE-2024-34654

Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege.

6.2CVSS6.8AI score0.00038EPSS
CVE
CVE
added 2024/10/08 7:15 a.m.37 views

CVE-2024-34667

Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

8.8CVSS8.2AI score0.00567EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.37 views

CVE-2024-34673

Improper Input Validation in IpcProtocol in Modem prior to SMR Nov-2024 Release 1 allows local attackers to cause Denial-of-Service.

5.5CVSS4.4AI score0.00019EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.37 views

CVE-2024-34675

Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.

4.6CVSS3.6AI score0.00041EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.37 views

CVE-2024-34679

Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.

7.1CVSS4.3AI score0.00022EPSS
CVE
CVE
added 2025/05/07 9:15 a.m.37 views

CVE-2025-20959

Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information.

5.5CVSS5.1AI score0.00018EPSS
CVE
CVE
added 2024/01/04 1:15 a.m.36 views

CVE-2024-20806

Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data.

6.2CVSS5.3AI score0.00054EPSS
CVE
CVE
added 2024/02/06 3:15 a.m.36 views

CVE-2024-20816

Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.

8CVSS6.5AI score0.00086EPSS
CVE
CVE
added 2024/06/04 7:15 a.m.36 views

CVE-2024-20873

Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.

6CVSS6.8AI score0.0007EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.36 views

CVE-2024-34637

Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background.

6.2CVSS6.8AI score0.0004EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.36 views

CVE-2024-34638

Improper handling of exceptional conditions in ThemeCenter prior to SMR Sep-2024 Release 1 allows local attackers to delete non-preloaded applications.

7.1CVSS6.8AI score0.0003EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.36 views

CVE-2024-34642

Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information.

4.6CVSS6.7AI score0.00056EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.36 views

CVE-2024-34653

Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access directories with My Files' privilege.

4.6CVSS6.8AI score0.0008EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.36 views

CVE-2024-34676

Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this vulnerability.

7.3CVSS4.7AI score0.00026EPSS
CVE
CVE
added 2025/05/07 9:15 a.m.36 views

CVE-2025-20953

Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch activities within SmartManagerCN.

5.1CVSS5.1AI score0.00021EPSS
CVE
CVE
added 2025/05/07 9:15 a.m.36 views

CVE-2025-20958

Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors.

4.4CVSS4.6AI score0.00023EPSS
CVE
CVE
added 2024/08/07 2:15 a.m.35 views

CVE-2024-34614

Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.

7.8CVSS7.4AI score0.00037EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.35 views

CVE-2024-34639

Improper handling of exceptional conditions in Setupwizard prior to SMR Aug-2024 Release 1 allows physical attackers to bypass proper validation.

4.6CVSS6.8AI score0.00065EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.35 views

CVE-2024-34644

Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.

5.5CVSS6.8AI score0.00028EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.35 views

CVE-2024-34649

Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen.

2.4CVSS6.8AI score0.0006EPSS
CVE
CVE
added 2024/10/08 7:15 a.m.35 views

CVE-2024-34665

Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.

8.8CVSS8.2AI score0.00567EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.34 views

CVE-2023-42559

Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time.

5.2CVSS5.2AI score0.00045EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.34 views

CVE-2023-42566

Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code.

7.8CVSS7.7AI score0.00089EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.33 views

CVE-2023-42557

Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code.

6.7CVSS6.7AI score0.00065EPSS
CVE
CVE
added 2024/02/06 3:15 a.m.33 views

CVE-2024-20815

Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.

8CVSS6.5AI score0.00152EPSS
CVE
CVE
added 2024/06/04 7:15 a.m.33 views

CVE-2024-20877

Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary code.

7.8CVSS7.6AI score0.00129EPSS
CVE
CVE
added 2024/06/04 7:15 a.m.33 views

CVE-2024-20885

Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to make a call without proper permission.

5.1CVSS6.8AI score0.00171EPSS
CVE
CVE
added 2024/08/07 2:15 a.m.33 views

CVE-2024-34609

Improper access control in VoiceNoteService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.

6.2CVSS6.9AI score0.0004EPSS
CVE
CVE
added 2024/09/04 6:15 a.m.33 views

CVE-2024-34640

Improper access control vulnerability in BGProtectManager prior to SMR Sep-2024 Release 1 allows local attackers to bypass restriction of process expiration.

3.3CVSS6.9AI score0.00045EPSS
CVE
CVE
added 2024/11/06 3:15 a.m.33 views

CVE-2024-34682

Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode.

2.4CVSS3.6AI score0.00044EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.32 views

CVE-2023-42556

Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information.

5.5CVSS5.4AI score0.00105EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.32 views

CVE-2023-42565

Improper input validation vulnerability in Smart Clip prior to SMR Dec-2023 Release 1 allows local attackers with shell privilege to execute arbitrary code.

7.3CVSS6.7AI score0.00082EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.32 views

CVE-2023-42567

Improper size check vulnerability in softsimd prior to SMR Dec-2023 Release 1 allows stack-based buffer overflow.

7.8CVSS7.6AI score0.00123EPSS
CVE
CVE
added 2024/06/04 7:15 a.m.32 views

CVE-2024-20878

Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so prior to SMR June-2024 Release 1 allows local attackers to execute arbitrary code.

7.8CVSS7.6AI score0.00129EPSS
CVE
CVE
added 2024/06/04 7:15 a.m.32 views

CVE-2024-20880

Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory.

6.8CVSS7.3AI score0.00245EPSS
CVE
CVE
added 2023/12/05 3:15 a.m.31 views

CVE-2023-42561

Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code.

7.1CVSS6.8AI score0.00211EPSS
CVE
CVE
added 2024/06/04 7:15 a.m.31 views

CVE-2024-20874

Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged activities.

7.9CVSS6.8AI score0.00131EPSS
Total number of security vulnerabilities179