Samsung Latest Vulnerabilities
November 6
Out-of-Bounds Write Vulnerability Affects Samsung Galaxy S24
CVE-2024-49409
SamsungSamsung Devices6.7MEDIUM
Out-of-bounds write in USB driver before Firmware update on Galaxy S24 allows local attackers to write out-of-bounds memory.
CVE-2024-49408
SamsungSamsung Devices6.7MEDIUM
Samsung Flow Vulnerability Allows Physical Attackers to Access Data Across Multiple User Profiles
CVE-2024-49407
SamsungSamsung Flow4.6MEDIUM
Untrusted Modification of Transactions Possible in Pre-1.3.16 Versions of Blockchain Keystore
CVE-2024-49406
SamsungBlockchain Keystore4.4MEDIUM
Samsung Pass Vulnerability Allows Physical Attackers to Access Sensitive Information
CVE-2024-49405
SamsungSamsung Pass4.6MEDIUM
Physical Attackers Can Access Other Users' Video Files via Improper Access Control in Samsung Video Player
CVE-2024-49404
SamsungSamsung Video Player4.6MEDIUM
Security Vulnerability in Samsung Voice Recorder Allows Access to Recordings
CVE-2024-49403
SamsungSamsung Voice Recorder4.6MEDIUM
Physical Attackers Access Data Across Multiple User Profiles
CVE-2024-49402
SamsungSamsung Devices4.6MEDIUM
Privileged Activities Attack via Improper Input Validation
CVE-2024-49401
SamsungSamsung Devices7.1HIGH
Physical Attackers Can Access Stored WiFi Password in Maintenance Mode
CVE-2024-34682
SamsungSamsung Devices2.4LOW
BluetoothAdapter Vulnerability Affects Galaxy Watch
CVE-2024-34681
SamsungSamsung Devices6.6MEDIUM
Sensitive Communication Vulnerability in WlanTest
CVE-2024-34680
SamsungSamsung Devices5.5MEDIUM
Local Attackers Can Access Sensitive Files with Phone Privilege Due to Incorrect Default Permissions in Crane SMR Nov-2024 Release 1
CVE-2024-34679
SamsungSamsung Devices7.1HIGH
LibSAPExtractor Memory Corruption Vulnerability
CVE-2024-34678
SamsungSamsung Devices7.8HIGH
Malicious Apps Disguised as Legitimate Apps in System UI Prior to SMR Nov-2024 Release 1
CVE-2024-34677
SamsungSamsung Devices3.3LOW
Memory Corruption Vulnerability in libsubextractor.so Prior to SMR Nov-2024 Release 1
CVE-2024-34676
SamsungSamsung Devices7.3HIGH
Unlocked Screens Vulnerable to Physical Attacks
CVE-2024-34675
SamsungSamsung Devices4.6MEDIUM
Physical Attackers Can Access Data Across Multiple User Profiles Due to Lack of Access Control in iPhone
CVE-2024-34674
SamsungSamsung Devices4.6MEDIUM
Denial-of-Service Vulnerability in IpcProtocol Modem
CVE-2024-34673
SamsungSamsung Devices5.5MEDIUM
November 4
Samsung Exynos Processors Vulnerable to Heap Overflow Attacks
CVE-2024-45185
Samsung
October 8
Attackers Can Access Other Users' Video Files Through Improper Input Validation in SamsungVideoPlayer
CVE-2024-34672
SamsungSamsungvideoplayer5.5MEDIUM
Local Attackers Can Access Sensitive Information Through Implicit Intent in Prior Versions of Samsung Internet
CVE-2024-34671
SamsungSamsung Internet3.3LOW
Local Attackers Can Steal Sensitive Information Using Implicit Intent Before Version 6.1.0.9
CVE-2024-34670
SamsungSound Assistant4MEDIUM
Remote Execution of Arbitrary Code with System Privileges Through Out-of-Bounds Write in librtppayload.so Prior to SMR Oct-2024 Release 1
CVE-2024-34669
SamsungSamsung Devices8.8HIGH
Remote Code Execution Vulnerability in librtppayload.so Prior to SMR Oct-2024 Release 1
CVE-2024-34668
SamsungSamsung Devices8.8HIGH
Remotely Exploitable Out-of-Bounds Write Vulnerability in librtppayload.so Prior to SMR Oct-2024 Release 1
CVE-2024-34667
SamsungSamsung Devices8.8HIGH
Arbitrary Code Execution Vulnerability in Librtppayload.so Pre-Oct-2024 Release 1
CVE-2024-34666
SamsungSamsung Devices8.8HIGH
Remote Arbitrary Code Execution Vulnerability in librtppayload.so Prior to SMR Oct-2024 Release 1
CVE-2024-34665
SamsungSamsung Devices8.8HIGH
Bypassancy of Knox Guard in a Multi-User Environment Due to Improper Check for Exception Conditions
CVE-2024-34664
SamsungSamsung Devices4.1MEDIUM
Out-of-Bounds Memory Write Vulnerability in libSEF.quram.so Prior to SMR Oct-2024 Release 1
CVE-2024-34663
SamsungSamsung Devices5.3MEDIUM
Improper Access Control in ActivityManager Leads to Privileged Behaviors
CVE-2024-34662
SamsungSamsung Devices7.8HIGH
October 7
Samsung's Exynos Processors Vulnerable to Privilege Escalation Due to Use-After-Free Bug
CVE-2024-44068
Samsung👾
September 10
CVE-2024-31960
SamsungExynos 1480 Firmware7.8HIGH
September 9
Heap Over-read Vulnerability in Samsung Exynos Processors
CVE-2024-27365
SamsungExynos 980 Firmware5.5MEDIUM
CVE-2024-27367
SamsungExynos 980 Firmware5.5MEDIUM
Samsung Exynos Processor Vulnerable to Heap Over-Read Due to Lack of Input Validation
CVE-2024-27368
SamsungExynos 980 Firmware5.5MEDIUM
Heap Overwrite Vulnerability in Exynos Mobile Processor
CVE-2024-27387
SamsungExynos 1080 Firmware7.8HIGH
Samsung Mobile Processor Vulnerable to Heap Over-Read
CVE-2024-27366
SamsungExynos 980 Firmware5.5MEDIUM
Exynos Processors Vulnerable to Heap Over-Read Due to Lack of Input Validation
CVE-2024-27364
SamsungExynos 980 Firmware5.5MEDIUM
Heap Overwrite Vulnerability Affects Samsung Mobile Processors
CVE-2024-27383
SamsungExynos 980 Firmware7.8HIGH
September 4
Samsung Assistant Location Data Vulnerability
CVE-2024-34661
SamsungSamsung Assistant4.3MEDIUM
Samsung Notes vulnerability allows local attackers to execute arbitrary code
CVE-2024-34660
SamsungSamsung Notes7.8HIGH
Remotely Forced Group Join Vulnerability in GroupSharing Prior to Version 13.6.13.3
CVE-2024-34659
SamsungGroup Sharing5.3MEDIUM
Samsung Notes Vulnerability Allows Local Attackers to Bypass ASLR
CVE-2024-34658
SamsungSamsung Notes7.1HIGH
Samsung Notes vulnerability allows remote attackers to execute arbitrary code
CVE-2024-34657
SamsungSamsung Notes9.8CRITICAL
Samsung Notes Path Traversal Vulnerability Allows Local Attackers to Execute Arbitrary Code
CVE-2024-34656
SamsungSamsung Notes7.8HIGH
Local Attackers Can Access Privileged API in UniversalCredentialManager Prior to Sep-2024 Release 1
CVE-2024-34655
SamsungSamsung Devices5.5MEDIUM
local attackers can access files with increased privileges
CVE-2024-34654
SamsungSamsung Devices5.5MEDIUM
Physical Attackers Can Access Your Files
CVE-2024-34653
SamsungSamsung Devices4.6MEDIUM
Local Attackers Can Access Performance Information Through Incorrect Authorization in kperfmon
CVE-2024-34652
SamsungSamsung Devices3.3LOW
My Files Vulnerability: Local Attackers Can Access Restricted Data Prior to Sep-2024 Release 1
CVE-2024-34651
SamsungSamsung Devices5.5MEDIUM
Local Attackers Can Access Privileged APIs After Incorrect Authorization Prior to Sep-2024 Release 1
CVE-2024-34650
SamsungSamsung Devices3.3LOW
Physical Attackers Can Temporarily Access Unlocked Screens Through Improper Access Control
CVE-2024-34649
SamsungSamsung Devices2.4LOW
Attackers Can Access Sensitive Data Due to Improper Handling of Insufficient Permissions
CVE-2024-34648
SamsungSamsung Devices5.5MEDIUM
Local Attackers Gain Access to Privileged APIs through Incorrect Use of DualDarManagerProxy Prior to SMR Sep-2024 Release 1
CVE-2024-34647
SamsungSamsung Devices5.5MEDIUM
Local Attackers Can Cause Permanent Denial of Service with Improper Access Control Before Sep-2024 Release 1
CVE-2024-34646
SamsungSamsung Devices5.5MEDIUM
Physical Attackers Can Install Privileged Applications via Improper Input Validation vulnerability
CVE-2024-34645
SamsungSamsung Devices4.6MEDIUM
Local Attackers Can Access Protected Data Due to Improper Access Control in Dressroom's Item Selection Before Sep-2024 Release 1
CVE-2024-34644
SamsungSamsung Devices5.5MEDIUM
Local Attackers Can Access Protected Data Through Improper Access Control
CVE-2024-34643
SamsungSamsung Devices5.5MEDIUM
Samsung One UI Home Vulnerable to Physical Attacks
CVE-2024-34642
SamsungSamsung Devices4.6MEDIUM
Improper Export of Android Application Components in FeliCaTest Prior to SMR Sep-2024 Release Allows Local Attackers to Enable NFC Configuration
CVE-2024-34641
SamsungSamsung Devices3.3LOW
Bypassing Process Expiration via Improper Access Control in BGProtectManager
CVE-2024-34640
SamsungSamsung Devices3.3LOW
Bypass Proper Validation Through Physical Attack
CVE-2024-34639
SamsungSamsung Devices4.6MEDIUM
Local Attackers Can Delete Non-Preloaded Applications
CVE-2024-34638
SamsungSamsung Devices7.1HIGH
Bypassing Restrictions on Starting Services from Background in Android
CVE-2024-34637
SamsungSamsung Devices5.5MEDIUM
August 7
Attackers can Steal Sensitive Information via Implicit Intent in Pre-6.1.94.2 Samsung Email
CVE-2024-34636
SamsungSamsung Email5.5MEDIUM
Samsung Notes Vulnerability Allows Local Access to Unauthorized Memory
CVE-2024-34635
SamsungSamsung Notes3.3LOW
Samsung Notes Vulnerability Allows Local Attacker Access to Unauthorized Memory
CVE-2024-34634
SamsungSamsung Notes3.3LOW
Memory Tampering Vulnerability in Samsung Notes
CVE-2024-34633
SamsungSamsung Notes3.3LOW
Local Attacker can Access Unauthorized Memory through Uuid Parsing Bug
CVE-2024-34632
SamsungSamsung Notes3.3LOW
Samsung Notes Vulnerability Allows Local Attackers to Read Memory
CVE-2024-34631
SamsungSamsung Notes5.5MEDIUM
Samsung Notes Vulnerability Allows Local Attackers to Read Memory
CVE-2024-34630
SamsungSamsung Notes5.5MEDIUM
Samsung Notes Vulnerability Could Allow Local Attackers to Read Memory
CVE-2024-34629
SamsungSamsung Notes5.5MEDIUM
Samsung Notes Vulnerability Allows Local Attackers to Read Memory
CVE-2024-34628
SamsungSamsung Notes5.5MEDIUM
Samsung Notes Vulnerability: Local Attackers Can Access Memory
CVE-2024-34627
SamsungSamsung Notes5.5MEDIUM
Samsung Notes Vulnerability Allows Local Attackers to Access Memory
CVE-2024-34626
SamsungSamsung Notes5.5MEDIUM
Samsung Notes Prior to 4.4.21.62 Vulnerable to Local Attackers via Out-of-Bounds Read
CVE-2024-34625
SamsungSamsung Notes5.5MEDIUM
Samsung Notes Vulnerability Allows Local Attackers to Read Memory
CVE-2024-34624
SamsungSamsung Notes5.5MEDIUM
Samsung Notes Vulnerability Affects Android Devices
CVE-2024-34623
SamsungSamsung Notes7.8HIGH
Samsung Notes Vulnerability Allows Local Attackers to Execute Arbitrary Code
CVE-2024-34622
SamsungSamsung Notes7.8HIGH
Samsung Notes Vulnerability Allows Local Attackers to Read Memory
CVE-2024-34621
SamsungSamsung Notes5.5MEDIUM
Privilege Escalation Vulnerability in SumeNNService
CVE-2024-34620
SamsungSamsung Devices7.8HIGH
Remote Code Execution Vulnerability in librtp.so
CVE-2024-34619
SamsungSamsung Devices8.8HIGH
Attackers Can Access Cell Related Information via Improper Access Control
CVE-2024-34618
SamsungSamsung Devices3.3LOW
Local Attackers Can Configure Default Message App Prior to SMR Aug-2024 Release 1
CVE-2024-34617
SamsungSamsung Devices3.3LOW
Local Attackers Can Access Sensitive Data Due to Improper Handling of Insufficient Permissions
CVE-2024-34616
SamsungSamsung Devices5.5MEDIUM
libsmat.so Memory Corruption Vulnerability
CVE-2024-34615
SamsungSamsung Devices7.8HIGH
Local Attackers Can Execute Arbitrary Code via Out-of-Bound Write Prior to SMR Aug-2024 Release 1
CVE-2024-34614
SamsungSamsung Devices7.8HIGH
Samsung Galaxy Watch Vulnerability Allows Local Access to Sensitive Information
CVE-2024-34613
SamsungSamsung Devices5.5MEDIUM
Arbitrary Code Execution Vulnerability in libcodec2secmp4vdec Prior to SMR Aug-2024 Release 1
CVE-2024-34612
SamsungSamsung Devices7.8HIGH
Sensitive Information Exposed through Improper Access Control in KnoxService
CVE-2024-34611
SamsungSamsung Devices5.5MEDIUM
Local Attackers Can Access Protected Data via Improper Access Control Prior to SMR Aug-2024 Release 1
CVE-2024-34610
SamsungSamsung Devices5.5MEDIUM
Background Service Bypass Vulnerability
CVE-2024-34609
SamsungSamsung Devices5.5MEDIUM
Bypassing Access Control Restrictions in PaymentManagerService
CVE-2024-34608
SamsungSamsung Devices5.5MEDIUM
Bypass Restrictions on Starting Services from Background in SamsungNotesService Prior to SMR Aug-2024 Release 1
CVE-2024-34607
SamsungSamsung Devices5.5MEDIUM
Bypass Restrictions on Starting Services from Background
CVE-2024-34606
SamsungSamsung Devices5.5MEDIUM
Bypassing Restrictions: SamsungHealthService Security Vulnerability
CVE-2024-34605
SamsungSamsung Devices5.5MEDIUM
Background Service Bypass Vulnerability
CVE-2024-34604
SamsungSamsung Devices5.5MEDIUM
July 29
Unauthorized File Uploads through Async Upload Functionality
CVE-2024-6366
SamsungUser Profile Builder
July 10
Samsung Galaxy SmartTag2 Vulnerability Allows Unauthorized Access to Location Information
CVE-2024-32670
SamsungGalaxy Smarttag2