cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-31960,https://securityvulnerability.io/vulnerability/CVE-2024-31960,Use After Free Vulnerability in Samsung Exynos Mobile Processors,"A reference count bug in the xclipse amdgpu driver used within Samsung's Exynos 1480 and Exynos 2400 mobile processors creates a vulnerability that may result in a use after free condition. This issue has potential implications for system stability and security, making affected devices susceptible to exploitation. Addressing this vulnerability is critical for maintaining the integrity and safety of the mobile platform.",Samsung,Exynos 1480 Firmware,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-10T00:00:00.000Z,0
CVE-2024-27368,https://securityvulnerability.io/vulnerability/CVE-2024-27368,Samsung Exynos Processor Vulnerable to Heap Over-Read Due to Lack of Input Validation,"An issue was discovered in Samsung Mobile Processor Exynos Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_received_frame_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.",Samsung,Exynos 980 Firmware,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-09T00:00:00.000Z,0
CVE-2024-27387,https://securityvulnerability.io/vulnerability/CVE-2024-27387,Heap Overwrite Vulnerability in Exynos Mobile Processor,"A vulnerability has been identified in various Samsung Exynos Mobile Processors, specifically within the function slsi_rx_range_done_ind(). This flaw stems from the absence of input validation checks on the rtt_id parameter received from userspace. Without proper validation, an attacker could potentially exploit this weakness, resulting in a heap overwrite condition that could compromise system integrity and lead to unauthorized access or manipulation of sensitive data.",Samsung,Exynos 1080 Firmware,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-09T00:00:00.000Z,0
CVE-2024-27364,https://securityvulnerability.io/vulnerability/CVE-2024-27364,Exynos Processors Vulnerable to Heap Over-Read Due to Lack of Input Validation,"An issue was discovered in Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_roamed_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.",Samsung,Exynos 980 Firmware,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-09T00:00:00.000Z,0
CVE-2024-27366,https://securityvulnerability.io/vulnerability/CVE-2024-27366,Samsung Mobile Processor Vulnerable to Heap Over-Read,"An issue was discovered in Samsung Mobile Processor, Wearable Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_scan_done_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.",Samsung,Exynos 980 Firmware,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-09T00:00:00.000Z,0
CVE-2024-27367,https://securityvulnerability.io/vulnerability/CVE-2024-27367,Input Validation Flaw in Samsung Exynos Wearable Processors,"An input validation issue has been identified in various Samsung Exynos Wearable Processors, including Exynos 980, 850, 1080, 1280, 1380, 1330, 1480, W920, and W930. The flaw exists in the slsi_rx_scan_ind() function, where user-supplied data length is not properly validated. This oversight can result in an integer overflow, potentially leading to a heap over-read situation, exposing sensitive data and increasing the risk for exploitation.",Samsung,Exynos 980 Firmware,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-09T00:00:00.000Z,0
CVE-2024-27365,https://securityvulnerability.io/vulnerability/CVE-2024-27365,Heap Over-read Vulnerability in Samsung Exynos Processors,"An issue was discovered in Samsung Mobile Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_blockack_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.",Samsung,Exynos 980 Firmware,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-09T00:00:00.000Z,0
CVE-2024-27383,https://securityvulnerability.io/vulnerability/CVE-2024-27383,Heap Overwrite Vulnerability Affects Samsung Mobile Processors,"A vulnerability affecting Samsung's Exynos mobile processors including models 980, 850, 1280, 1380, and 1330 has been identified. The flaw arises in the function slsi_get_scan_extra_ies(), where the system fails to perform adequate input validation on data sourced from userspace. This oversight can potentially lead to a heap overwrite, allowing attackers to manipulate the memory allocation process and execute arbitrary code, posing significant security risks to devices utilizing these processors.",Samsung,Exynos 980 Firmware,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-09-09T00:00:00.000Z,0
CVE-2024-31957,https://securityvulnerability.io/vulnerability/CVE-2024-31957,Denial of Service Vulnerability in Samsung Exynos Mobile Processors,"A critical vulnerability has been identified in Samsung's Exynos 2200 and Exynos 2400 mobile processors that allows for the exploitation of native handle validation flaws. This inadequacy permits malicious actors to unmap an invalid length, potentially resulting in Denial of Service attacks that could disrupt device operations. Organizations using devices equipped with these processors should be aware of the risks associated and take precautionary measures to mitigate potential service interruptions.",Samsung,Exynos 2200 Firmware,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-07-09T18:15:00.000Z,0
CVE-2024-28067,https://securityvulnerability.io/vulnerability/CVE-2024-28067,Man-in-the-Middle Vulnerability in Samsung Exynos Modem 5300,"A security flaw in the Samsung Exynos Modem 5300 enables a potential Man-in-the-Middle (MITM) attack. This vulnerability allows attackers to downgrade the security mode of communication packets directed towards the victim. As a result, sensitive messages can be transmitted in plaintext, exposing them to interception and misuse. This situation poses significant risks for users relying on affected devices for secure communications.",Samsung,Exynos Modem 5300 Firmware,3.7,LOW,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-07-09T18:15:00.000Z,0
CVE-2024-27362,https://securityvulnerability.io/vulnerability/CVE-2024-27362,Information Disclosure Vulnerability in Samsung Mobile Processors,"A specific vulnerability exists in Samsung's Exynos mobile processors where the system does not adequately validate the length of incoming data. This flaw could potentially enable unauthorized access to sensitive information, leading to data exposure and privacy risks. Affected models include Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400. Due diligence in monitoring updates and applying security patches is essential to mitigate risks associated with this vulnerability.",Samsung,Exynos 1280 Firmware,7.5,HIGH,0.0006799999973736703,false,,false,false,false,,,false,false,,2024-07-09T18:15:00.000Z,0
CVE-2024-27360,https://securityvulnerability.io/vulnerability/CVE-2024-27360,Denial of Service Vulnerability in Samsung Exynos Mobile Processors,"Samsung has identified a critical vulnerability within several of its Exynos mobile processors including the Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, and Exynos W930. This vulnerability arises due to inadequate validation of data length, which could be exploited to cause a Denial of Service (DoS), potentially disrupting the functionality of affected devices. Users of these processors should be aware of the implications for system stability and security, and follow recommended security practices to mitigate risks.",Samsung,Exynos 850 Firmware,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-07-09T18:15:00.000Z,0
CVE-2024-32504,https://securityvulnerability.io/vulnerability/CVE-2024-32504,Out-of-Bounds Write Vulnerability in Samsung Exynos Mobile and Wearable Processors,"A vulnerability has been identified in several Samsung Exynos mobile and wearable processors, specifically regarding inadequate length checking during processing. This flaw may permit an Out-of-Bounds Write scenario, potentially leading to unauthorized access or manipulation of memory, which can compromise device integrity and user data security. Products affected include the Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, and Exynos W930. Mitigation steps are currently under review, and users are encouraged to stay updated through Samsung's official product security updates.",Samsung,Exynos 850 Firmware,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-13T00:00:00.000Z,0
CVE-2024-31956,https://securityvulnerability.io/vulnerability/CVE-2024-31956,Buffer Overflow Vulnerability in Samsung Mobile Processors,"A vulnerability has been identified in Samsung's Exynos 2200, Exynos 1480, and Exynos 2400 mobile processors due to inadequate buffer length checking. This oversight can lead to Out-of-Bounds Write conditions, potentially allowing unauthorized access and manipulation of memory. Addressing this issue is critical to ensuring the integrity and security of devices utilizing these processors.",Samsung,Exynos 2200 Firmware,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-13T00:00:00.000Z,0
CVE-2024-32503,https://securityvulnerability.io/vulnerability/CVE-2024-32503,Use-After-Free Vulnerability in Samsung Exynos Mobile and Wearable Processors,"A vulnerability has been identified in Samsung's Exynos mobile and wearable processors, stemming from inadequate memory deallocation checking. This flaw could lead to a Use-After-Free (UAF) scenario, potentially allowing attackers to exploit the system and execute arbitrary code or cause unintended behavior. The affected models include Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, and Exynos W930. Users and developers are advised to explore available mitigations and security recommendations.",Samsung,Exynos 850 Firmware,7.8,HIGH,0.01,false,,false,false,false,,,false,false,,2024-06-07T16:15:00.000Z,0
CVE-2024-27379,https://securityvulnerability.io/vulnerability/CVE-2024-27379,Heap Overwrite Vulnerability in Samsung Mobile Processors,"A vulnerability exists in Samsung's Mobile Processor series, specifically affecting the Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330 models. This vulnerability arises from a failure to perform input validation checks on the hal_req->num_intf_addr_present parameter sourced from userspace within the function slsi_nan_subscribe_get_nl_params(). Without appropriate validation, this flaw can be exploited to facilitate a heap overwrite, potentially allowing an attacker to manipulate memory and execute arbitrary code, thereby compromising the affected device's security.",Samsung,Exynos 980 Firmware,7.8,HIGH,0.01,false,,false,false,false,,,false,false,,2024-06-05T19:15:00.000Z,0
CVE-2024-27382,https://securityvulnerability.io/vulnerability/CVE-2024-27382,Heap Over-read Vulnerability in Samsung Mobile Processors,"A vulnerability has been identified in select Samsung Mobile Processors where the function slsi_send_action_frame() lacks proper input validation for data received from user space. This oversight can result in a heap over-read, potentially allowing malicious entities to exploit the flaw and access sensitive information or disrupt service. The impacted processors include the Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. Immediate scrutiny and protective measures are recommended to safeguard systems utilizing these processors.",Samsung,Exynos 980 Firmware,7.1,HIGH,0.01,false,,false,false,false,,,false,false,,2024-06-05T19:15:00.000Z,0
CVE-2024-27378,https://securityvulnerability.io/vulnerability/CVE-2024-27378,Heap Over-Read Vulnerability in Samsung Mobile Processors,"A vulnerability exists in multiple Samsung Mobile Processors, specifically Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330, due to inadequate input validation within the slsi_send_action_frame_cert() function. This oversight allows for potential heap over-reads, which may lead to exposure of sensitive information and enable further exploitation by malicious actors. Mitigating this issue requires the implementation of proper input validation protocols to secure the affected processors against unauthorized access and attacks.",Samsung,Exynos 980 Firmware,6,MEDIUM,0.01,false,,false,false,false,,,false,false,,2024-06-05T19:15:00.000Z,0
CVE-2024-27381,https://securityvulnerability.io/vulnerability/CVE-2024-27381,Heap Over-read Vulnerability in Samsung Mobile Processors,"A vulnerability exists in the Samsung Mobile Processor models Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. The flaw arises from the function slsi_send_action_frame_ut(), which lacks proper input validation for the length parameter received from userspace. This oversight can lead to a heap over-read, potentially allowing an attacker to exploit system memory. Affected users should evaluate their systems and implement necessary security measures.",Samsung,Exynos 980 Firmware,6,MEDIUM,0.01,false,,false,false,false,,,false,false,,2024-06-05T19:15:00.000Z,0
CVE-2024-27377,https://securityvulnerability.io/vulnerability/CVE-2024-27377,Heap Overflow Vulnerability in Samsung Mobile Processors,"A vulnerability exists in select Samsung Mobile Processor models, specifically Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. The issue arises from a lack of input validation in the function slsi_nan_get_security_info_nl(), which processes user input. As a result, an attacker could exploit this flaw to manipulate memory allocation, potentially leading to a heap overwrite. This can adversely affect the operation of the affected devices, compromising their security and stability.",Samsung,Exynos 980 Firmware,7.8,HIGH,0.01,false,,false,false,false,,,false,false,,2024-06-05T19:15:00.000Z,0
CVE-2024-27374,https://securityvulnerability.io/vulnerability/CVE-2024-27374,Heap Overwrite Vulnerability in Samsung Mobile Processors,"A security vulnerability has been identified in several models of Samsung's Exynos mobile processors, specifically in the function slsi_nan_publish_get_nl_params(). The flaw arises from the absence of input validation checks for hal_req->service_specific_info_len when data is received from userspace. This oversight can potentially lead to a heap overwrite, allowing malicious actors to exploit the vulnerability to compromise the integrity of the system and execute arbitrary code, posing a risk to user data and device functionality.",Samsung,Exynos 980 Firmware,7.8,HIGH,0.01,false,,false,false,false,,,false,false,,2024-06-05T19:15:00.000Z,0
CVE-2023-50803,https://securityvulnerability.io/vulnerability/CVE-2023-50803,Samsung Exynos Processors and Modems Vulnerable to Denial of Service Attacks,"An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service.",Samsung,Exynos 9820 Firmware,3.7,LOW,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-05T19:15:00.000Z,0
CVE-2023-50804,https://securityvulnerability.io/vulnerability/CVE-2023-50804,Authentication Bypass Vulnerability in Samsung Mobile Processors,"A vulnerability has been identified in the Samsung Mobile Processor series, particularly impacting the baseband software associated with various Exynos models. The issue arises from improper validation of format types specified by the NAS (Non-Access-Stratum) module, potentially allowing unauthorized access or actions by bypassing authentication processes. This presents a significant security risk for devices utilizing these processors.",Samsung,Exynos 9820 Firmware,5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-05T19:15:00.000Z,0
CVE-2024-27375,https://securityvulnerability.io/vulnerability/CVE-2024-27375,Heap Overflow Vulnerability in Samsung Mobile Processors,"A vulnerability has emerged in several models of Samsung's Exynos mobile processors, specifically in the slsi_nan_followup_get_nl_params() function. This vulnerability arises from inadequate input validation on the hal_req->sdea_service_specific_info_len parameter, which originates from userspace. As a result, this oversight can lead to a heap overwrite condition, potentially compromising the security of devices powered by these processors. Users are advised to be aware of this vulnerability and implement any available security updates to protect their devices.",Samsung,Exynos 980 Firmware,7.8,HIGH,0.01,false,,false,false,false,,,false,false,,2024-06-05T19:15:00.000Z,0
CVE-2024-28818,https://securityvulnerability.io/vulnerability/CVE-2024-28818,Samsung Exynos Processors and Modems Vulnerable to Information Disclosure Due to Incorrect State Checking,"A serious vulnerability has been identified within the Samsung Exynos Mobile Processors and Wearable Processors, particularly affecting multiple generations including Exynos 980, 990, 1080, 2100, 2200, 1280, 1380, 1330, 2400, along with Exynos Modem 5123 and 5300. This issue arises from inadequate verification of states as dictated by the Radio Resource Control (RRC) module within the baseband software. As a consequence, this flaw may allow unauthorized access to sensitive information, posing significant risks to users relying on devices powered by these processors.",Samsung,Exynos 980 Firmware,7.5,HIGH,0.0006799999973736703,false,,false,false,false,,,false,false,,2024-06-05T19:15:00.000Z,0