Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Android
(Samsung)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 252 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-11-06 | CVE-2024-49401 | Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities. | Android | 7.1 | ||
| 2024-11-06 | CVE-2024-49402 | Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles. | Android | 4.6 | ||
| 2024-10-08 | CVE-2024-34665 | Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | Android | 8.8 | ||
| 2024-10-08 | CVE-2024-34667 | Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | Android | 8.8 | ||
| 2024-10-08 | CVE-2024-34666 | Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | Android | 8.8 | ||
| 2024-10-08 | CVE-2024-34668 | Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | Android | 8.8 | ||
| 2024-10-08 | CVE-2024-34669 | Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | Android | 8.8 | ||
| 2024-09-04 | CVE-2024-34641 | Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration. | Android | 3.3 | ||
| 2024-09-04 | CVE-2024-34637 | Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background. | Android | 5.5 | ||
| 2024-09-04 | CVE-2024-34647 | Incorrect use of privileged API in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to knox without proper license. | Android | 5.5 |