This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Samsung First view 2023-02-09
Product Android Last view 2024-02-06
Version 11.0 Type Os
Update smr-jul-2023-r1  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:samsung:android

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.1 2024-02-06 CVE-2024-20820

Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read.

7.8 2024-02-06 CVE-2024-20819

Out-of-bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.

7.8 2024-02-06 CVE-2024-20818

Out-of-bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.

7.8 2024-02-06 CVE-2024-20817

Out-of-bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.

6.5 2024-02-06 CVE-2024-20816

Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.

6.5 2024-02-06 CVE-2024-20815

Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.

5.5 2024-02-06 CVE-2024-20814

Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information.

7.8 2024-02-06 CVE-2024-20813

Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.

7.8 2024-02-06 CVE-2024-20812

Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.

3.3 2024-02-06 CVE-2024-20811

Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer.

5.5 2024-01-04 CVE-2024-20806

Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data.

5.5 2024-01-04 CVE-2024-20805

Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.

5.5 2024-01-04 CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.

6.5 2024-01-04 CVE-2024-20803

Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.

3.3 2023-12-05 CVE-2023-42570

Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN.

3.3 2023-12-05 CVE-2023-42569

Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji.

4.4 2023-12-05 CVE-2023-42568

Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local attackers to access arbitrary files with system privilege.

7.8 2023-12-05 CVE-2023-42566

Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code.

6.7 2023-12-05 CVE-2023-42565

Improper input validation vulnerability in Smart Clip prior to SMR Dec-2023 Release 1 allows local attackers with shell privilege to execute arbitrary code.

5.5 2023-12-05 CVE-2023-42564

Improper access control in knoxcustom service prior to SMR Dec-2023 Release 1 allows attacker to send broadcast with system privilege.

7.8 2023-12-05 CVE-2023-42563

Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow.

7.8 2023-12-05 CVE-2023-42562

Integer overflow vulnerability in detectionFindFaceSupportMultiInstance of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow.

6.8 2023-12-05 CVE-2023-42561

Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code.

7.8 2023-12-05 CVE-2023-42560

Heap out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so prior to SMR Dec-2023 Release 1 allows an attacker to execute arbitrary code.

5.2 2023-12-05 CVE-2023-42559

Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time.

CWE : Common Weakness Enumeration

%idName
42% (24) CWE-787 Out-of-bounds Write
12% (7) CWE-287 Improper Authentication
10% (6) CWE-125 Out-of-bounds Read
8% (5) CWE-20 Improper Input Validation
3% (2) CWE-668 Exposure of Resource to Wrong Sphere
3% (2) CWE-532 Information Leak Through Log Files
3% (2) CWE-269 Improper Privilege Management
3% (2) CWE-190 Integer Overflow or Wraparound
3% (2) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (1) CWE-755 Improper Handling of Exceptional Conditions
1% (1) CWE-345 Insufficient Verification of Data Authenticity
1% (1) CWE-295 Certificate Issues
1% (1) CWE-134 Uncontrolled Format String