Samsung

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-39890 1Samsung 19Exynos 1080 Firmware Exynos 1280 FirmwareExynos 1330 Firmware+16 more Jul 1, 2025 Dec 2, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The ba...Show more An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write.Show less
CVE-2024-39343 1Samsung 9Exynos 1280 Firmware Exynos 1330 FirmwareExynos 1380 Firmware+6 more Jul 1, 2025 Dec 2, 2024 N/A· v4 7.0 HIGH· v3 N/A· v2 An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length speci...Show more An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management) module, which can lead to Denial of Service.Show less
CVE-2024-49409 1Samsung 1Galaxy S24 Firmware Nov 13, 2024 Nov 6, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerabili...Show more Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability.Show less
CVE-2024-49408 1Samsung 1Galaxy S24 Firmware Nov 13, 2024 Nov 6, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Out-of-bounds write in usb driver prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulnerability.
CVE-2024-49407 1Samsung 1Flow Nov 13, 2024 Nov 6, 2024 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Improper access control in Samsung Flow prior to version 4.9.15.7 allows physical attackers to access data across multiple user profiles.
CVE-2024-49406 1Samsung 1Blockchain Keystore Nov 13, 2024 Nov 6, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16 allows local attackers to modify transaction. Root privilege is required for triggering this vulnerability.
CVE-2024-49405 1Samsung 1Pass Nov 13, 2024 Nov 6, 2024 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Improper authentication in Private Info in Samsung Pass in prior to version 4.4.04.7 allows physical attackers to access sensitive information in a specific scenario.
CVE-2024-49404 1Samsung 1Video Player Nov 13, 2024 Nov 6, 2024 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users.
CVE-2024-49403 1Samsung 1Voice Recorder Nov 13, 2024 Nov 6, 2024 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Improper access control in Samsung Voice Recorder prior to version 21.5.40.37 allows physical attackers to access recording files on the lock screen.
CVE-2024-49402 1Samsung 1Android Nov 12, 2024 Nov 6, 2024 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles.
CVE-2024-49401 1Samsung 1Android Nov 12, 2024 Nov 6, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities.
CVE-2024-34682 1Samsung 1Android Nov 13, 2024 Nov 6, 2024 N/A· v4 2.4 LOW· v3 N/A· v2 Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode.
CVE-2024-34680 1Samsung 1Android Nov 12, 2024 Nov 6, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information.
CVE-2024-34679 1Samsung 1Android Nov 12, 2024 Nov 6, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.
CVE-2024-34678 1Samsung 1Android Nov 12, 2024 Nov 6, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption.
CVE-2024-34677 1Samsung 1Android Nov 12, 2024 Nov 6, 2024 N/A· v4 3.3 LOW· v3 N/A· v2 Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.
CVE-2024-34676 1Samsung 1Android Nov 12, 2024 Nov 6, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this vulnerability.
CVE-2024-34675 1Samsung 1Android Nov 12, 2024 Nov 6, 2024 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.
CVE-2024-34674 1Samsung 1Android Nov 12, 2024 Nov 6, 2024 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.
CVE-2024-34673 1Samsung 1Android Nov 13, 2024 Nov 6, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Improper Input Validation in IpcProtocol in Modem prior to SMR Nov-2024 Release 1 allows local attackers to cause Denial-of-Service.

Previous 1...212223...76 Next