|
901
|
2.4 |
LOW
Physics
|
samsung
|
android
|
Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode.
Update
|
NVD-CWE-noinfo
|
CVE-2024-34682
|
2024-11-13 09:56 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
902
|
5.5 |
MEDIUM
Local
|
samsung
|
android
|
Improper Input Validation in IpcProtocol in Modem prior to SMR Nov-2024 Release 1 allows local attackers to cause Denial-of-Service.
Update
|
NVD-CWE-noinfo
|
CVE-2024-34673
|
2024-11-13 09:56 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
903
|
4.6 |
MEDIUM
Physics
|
samsung
|
video_player
|
Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other …
Update
|
NVD-CWE-noinfo
|
CVE-2024-49404
|
2024-11-13 09:55 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
904
|
4.6 |
MEDIUM
Physics
|
samsung
|
voice_recorder
|
Improper access control in Samsung Voice Recorder prior to version 21.5.40.37 allows physical attackers to access recording files on the lock screen.
Update
|
NVD-CWE-noinfo
|
CVE-2024-49403
|
2024-11-13 09:55 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
905
|
4.4 |
MEDIUM
Local
|
samsung
|
blockchain_keystore
|
Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16 allows local attackers to modify transaction. Root privilege is required for triggering this vulnerability.
Update
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2024-49406
|
2024-11-13 09:54 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
906
|
4.6 |
MEDIUM
Physics
|
samsung
|
pass
|
Improper authentication in Private Info in Samsung Pass in prior to version 4.4.04.7 allows physical attackers to access sensitive information in a specific scenario.
Update
|
NVD-CWE-noinfo
|
CVE-2024-49405
|
2024-11-13 09:54 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
907
|
4.6 |
MEDIUM
Physics
|
samsung
|
flow
|
Improper access control in Samsung Flow prior to version 4.9.15.7 allows physical attackers to access data across multiple user profiles.
Update
|
NVD-CWE-noinfo
|
CVE-2024-49407
|
2024-11-13 09:53 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
908
|
6.7 |
MEDIUM
Local
|
samsung
|
galaxy_s24_firmware
|
Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for trigge…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-49409
|
2024-11-13 09:51 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
909
|
6.7 |
MEDIUM
Local
|
samsung
|
galaxy_s24_firmware
|
Out-of-bounds write in usb driver prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. System privilege is required for triggering this vulner…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-49408
|
2024-11-13 09:51 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
910
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: prevent nf_skb_duplicated corruption
syzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write
per-cpu v…
Update
|
NVD-CWE-noinfo
|
CVE-2024-49952
|
2024-11-13 09:46 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
