Samsung

Android

374 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2024-34647

  • EPSS 0.03%
  • Published 04.09.2024 06:15:13
  • Last modified 05.09.2024 18:00:35

Incorrect use of privileged API in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to knox without proper license.

3.3

CVE-2024-34640

  • EPSS 0.04%
  • Published 04.09.2024 06:15:12
  • Last modified 05.09.2024 18:04:28

Improper access control vulnerability in BGProtectManager prior to SMR Sep-2024 Release 1 allows local attackers to bypass restriction of process expiration.

3.3

CVE-2024-34641

  • EPSS 0.04%
  • Published 04.09.2024 06:15:12
  • Last modified 06.09.2024 15:27:40

Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration.

4.6

CVE-2024-34642

  • EPSS 0.06%
  • Published 04.09.2024 06:15:12
  • Last modified 05.09.2024 18:03:57

Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information.

5.5

CVE-2024-34643

  • EPSS 0.03%
  • Published 04.09.2024 06:15:12
  • Last modified 05.09.2024 18:03:12

Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.

5.5

CVE-2024-34637

  • EPSS 0.04%
  • Published 04.09.2024 06:15:11
  • Last modified 05.09.2024 18:05:27

Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background.

7.1

CVE-2024-34638

  • EPSS 0.03%
  • Published 04.09.2024 06:15:11
  • Last modified 05.09.2024 18:05:03

Improper handling of exceptional conditions in ThemeCenter prior to SMR Sep-2024 Release 1 allows local attackers to delete non-preloaded applications.

4.6

CVE-2024-34639

  • EPSS 0.06%
  • Published 04.09.2024 06:15:11
  • Last modified 05.09.2024 18:04:37

Improper handling of exceptional conditions in Setupwizard prior to SMR Aug-2024 Release 1 allows physical attackers to bypass proper validation.

5.5

CVE-2024-34616

  • EPSS 0.09%
  • Published 07.08.2024 02:15:37
  • Last modified 12.08.2024 18:40:12

Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive data.

3.3

CVE-2024-34617

  • EPSS 0.1%
  • Published 07.08.2024 02:15:37
  • Last modified 12.08.2024 18:40:21

Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.