cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20815,https://securityvulnerability.io/vulnerability/CVE-2024-20815,Adjacent Attackers Can Secretly Connect to Victim's Mobile Hotspot Without User Awareness,Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim&#39;s mobile hotspot without user awareness.,Samsung,Samsung Mobile Devices,6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-02-06T02:23:06.078Z,0
CVE-2024-20813,https://securityvulnerability.io/vulnerability/CVE-2024-20813,Arbitrary Code Execution Vulnerability in libpadm.so's padmd_vld_qtbl,"An out-of-bounds write vulnerability exists in the padmd_vld_qtbl component of libpadm.so, present in Samsung products before the SMR Feb-2024 Release 1. This flaw enables a local attacker to manipulate memory, potentially leading to arbitrary code execution. Exploiting this vulnerability can allow attackers to gain unauthorized access and control over affected systems. Ensuring timely updates and patches is crucial to maintain system integrity and security.",Samsung,Samsung Mobile Devices,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-06T02:23:04.035Z,0
CVE-2024-20812,https://securityvulnerability.io/vulnerability/CVE-2024-20812,Arbitrary Code Execution Vulnerability in libpadm's padmd_vld_htbl Prior to SMR Feb-2024 Release 1,"The vulnerability identified allows local attackers to exploit an out-of-bounds write condition in the padmd_vld_htbl function of the libpadm.so library, posing security risks to affected Samsung mobile devices. This vulnerability can enable attackers to execute arbitrary code, potentially compromising the integrity of the device and exposing sensitive data.",Samsung,Samsung Mobile Devices,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-06T02:23:02.443Z,0
CVE-2024-20811,https://securityvulnerability.io/vulnerability/CVE-2024-20811,Local Attackers Can Configure GameOptimizer Prior to SMR Feb-2024 Release 1,Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer.,Samsung,Samsung Mobile Devices,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-06T02:23:01.334Z,0
CVE-2024-20806,https://securityvulnerability.io/vulnerability/CVE-2024-20806,Improper Access Control in Samsung Notification Service,"An improper access control vulnerability exists in Samsung's Notification service, which may allow a local attacker to access sensitive notification data. This vulnerability is present in versions of the Notification service prior to the SMR January 2024 Release 1, potentially compromising user privacy and data integrity.",Samsung,Samsung Mobile Devices,6.2,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-01-04T01:15:00.000Z,0
CVE-2024-20802,https://securityvulnerability.io/vulnerability/CVE-2024-20802,Improper Access Control in Samsung DeX Affects Multi-User Environments,"An improper access control vulnerability exists in Samsung DeX, which allows the device owner to access notifications of other users in environments where multiple users are set up. This flaw poses significant risks as it undermines user privacy by enabling unauthorized access to personal notifications, highlighting the need for robust access control measures in multi-user scenarios.",Samsung,Samsung Mobile Devices,4.6,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-04T01:15:00.000Z,0
CVE-2024-20803,https://securityvulnerability.io/vulnerability/CVE-2024-20803,Improper Authentication Vulnerability in Bluetooth Pairing for Samsung Devices,"An improper authentication vulnerability exists in the Bluetooth pairing process prior to the SMR Jan-2024 Release 1. This flaw allows remote attackers to initiate the pairing process without requiring any user interaction, potentially leading to unauthorized access or control over the Bluetooth-enabled devices. Users should ensure their devices are updated to the latest security patches to mitigate this risk.",Samsung,Samsung Mobile Devices,6.8,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2024-01-04T01:15:00.000Z,0
CVE-2023-42557,https://securityvulnerability.io/vulnerability/CVE-2023-42557,Out-of-Bounds Write Vulnerability in libIfaaCa Affects Samsung Products,"An out-of-bounds write vulnerability exists in libIfaaCa prior to the SMR Dec-2023 Release 1, allowing local system attackers to potentially execute arbitrary code. This flaw may lead to severe security implications, as it can be exploited by unauthorized users to manipulate system processes.",Samsung,Samsung Mobile Devices,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42561,https://securityvulnerability.io/vulnerability/CVE-2023-42561,Heap Overflow Vulnerability in Samsung Bootloader Affects Devices,A heap out-of-bounds write vulnerability exists in the Samsung bootloader that permits a physical attacker to execute arbitrary code. This flaw impacts devices running versions of the bootloader before SMR Dec-2023 Release 1. Attackers exploiting this vulnerability can gain unauthorized control and potentially compromise sensitive data and system integrity.,Samsung,Samsung Mobile Devices,6.8,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42568,https://securityvulnerability.io/vulnerability/CVE-2023-42568,Improper Access Control in SmartManagerCN by Samsung,"An improper access control vulnerability in SmartManagerCN prior to the SMR Dec-2023 Release 1 enables local attackers to access arbitrary files, potentially compromising sensitive information and system integrity. This vulnerability poses a significant threat to users who have not yet updated their systems.",Samsung,Samsung Mobile Devices,4.4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42560,https://securityvulnerability.io/vulnerability/CVE-2023-42560,Heap Out-of-Bounds Write Vulnerability in libsavsac.so by Samsung,"The vulnerability found in libsavsac.so allows for a heap out-of-bounds write, enabling an attacker to execute arbitrary code. This issue exists in the dec_mono_audb function and affects versions prior to the SMR December 2023 Release 1, posing a significant risk to system integrity and security. Users are advised to update to the latest release to protect against potential exploitation.",Samsung,Samsung Mobile Devices,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42565,https://securityvulnerability.io/vulnerability/CVE-2023-42565,Improper Input Validation in Smart Clip Affects Samsung Devices,"An improper input validation vulnerability exists in the Smart Clip software, which allows local attackers who have shell privileges to execute arbitrary code. This weakness may enable an attacker to manipulate the execution flow of the application, potentially leading to unauthorized actions and security breaches. Users are recommended to update to the latest version to mitigate risks associated with this vulnerability.",Samsung,Samsung Mobile Devices,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42562,https://securityvulnerability.io/vulnerability/CVE-2023-42562,Heap Overflow Vulnerability in Samsung's Face Preprocessing Library,"An integer overflow vulnerability has been identified in the detectionFindFaceSupportMultiInstance function of Samsung's libFacePreProcessingjni.camera library. This can enable an attacker to exploit the flaw and potentially trigger a heap overflow, compromising system integrity and allowing for unauthorized access or manipulation of data. It is crucial for users of affected versions to update to the latest SMR Dec-2023 Release 1 to mitigate risks associated with this vulnerability.",Samsung,Samsung Mobile Devices,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42570,https://securityvulnerability.io/vulnerability/CVE-2023-42570,Access Control Flaw in Samsung KnoxCustomManagerService,"An improper access control vulnerability exists in KnoxCustomManagerService, allowing unauthorized access to the device's SIM PIN. This flaw affects devices prior to the SMR Dec-2023 Release 1, posing a risk of unauthorized SIM PIN exposure. Users are encouraged to ensure their systems are updated to the latest security releases to mitigate potential risks associated with this vulnerability.",Samsung,Samsung Mobile Devices,5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42567,https://securityvulnerability.io/vulnerability/CVE-2023-42567,Stack-Based Buffer Overflow in Softsimd by Samsung,"The Softsimd product by Samsung is susceptible to a vulnerability due to improper size checks, which can lead to a stack-based buffer overflow. This flaw exists in versions prior to SMR Dec-2023 Release 1, allowing for potential exploitation that may affect system integrity and data security.",Samsung,Samsung Mobile Devices,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42556,https://securityvulnerability.io/vulnerability/CVE-2023-42556,Sensitive Information Exposure in Samsung Contacts Application,"The Contacts application by Samsung has a flaw due to improper usage of implicit intents, which can allow attackers to access sensitive user information. This vulnerability affects versions of Contacts prior to the SMR December 2023 Release 1, highlighting a critical area for users protecting their personal data.",Samsung,Samsung Mobile Devices,5.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42566,https://securityvulnerability.io/vulnerability/CVE-2023-42566,Out-of-Bound Write Vulnerability in Samsung Mobile Services,"An out-of-bound write vulnerability in the libsavsvc component of Samsung Mobile Services allows local attackers to execute arbitrary code. This issue exists in versions prior to the SMR December 2023 Release 1, highlighting the importance of timely updates and patches to mitigate potential exploitation.",Samsung,Samsung Mobile Devices,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42559,https://securityvulnerability.io/vulnerability/CVE-2023-42559,Improper Exception Management in Knox Guard by Samsung,"An improper exception management vulnerability in Knox Guard can be exploited by altering the system time, potentially allowing unauthorized access to locked features. This flaw affects Knox Guard versions released prior to the SMR Dec-2023 Release 1, highlighting an urgent need for users to update their systems to mitigate this risk.",Samsung,Samsung Mobile Devices,5.2,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42563,https://securityvulnerability.io/vulnerability/CVE-2023-42563,Integer Overflow Vulnerability in Samsung's Camera Processing Library,"An integer overflow vulnerability has been identified in the landmarkCopyImageToNative function within Samsung's camera processing library, libFacePreProcessingjni.camera.samsung.so. This flaw may allow an attacker to exploit the overflow condition, resulting in a heap overflow that could compromise the affected systems. Users are advised to apply updates as per Samsung's security advisories to mitigate potential risks associated with this vulnerability.",Samsung,Samsung Mobile Devices,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-21501,https://securityvulnerability.io/vulnerability/CVE-2023-21501,Improper Input Validation Vulnerability in mPOS Fiserv Trustlet,"An improper input validation flaw in the mPOS Fiserv Trustlet allows local attackers to execute arbitrary code. This vulnerability affects versions released before the SMR May-2023 Release 1, posing a significant risk to devices utilizing the affected software. Users are encouraged to update their systems to mitigate potential exploitation.",Samsung,Samsung Mobile Devices,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-04T00:00:00.000Z,0
CVE-2023-21500,https://securityvulnerability.io/vulnerability/CVE-2023-21500,Double Free Validation Issue in Samsung mPOS TUI Trustlet,"A double free validation vulnerability exists in the setPinPadImages function of the mPOS TUI trustlet prior to the May-2023 SMR Release 1. This flaw may allow local attackers to exploit the trustlet's memory space, potentially exposing sensitive information or enabling unauthorized access. It's critical to apply the latest security updates to mitigate the risks associated with this vulnerability.",Samsung,Samsung Mobile Devices,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-04T00:00:00.000Z,0
CVE-2023-21498,https://securityvulnerability.io/vulnerability/CVE-2023-21498,Improper Input Validation in Samsung mPOS TUI Trustlet,"An improper input validation vulnerability exists in the mPOS TUI Trustlet, which allows local attackers to manipulate certain operations. Specifically, this flaw enables unauthorized modifications to trustlet memory, posing potential risks for integrity and confidentiality. Users are advised to apply the latest security updates to mitigate these risks.",Samsung,Samsung Mobile Devices,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-04T00:00:00.000Z,0
CVE-2023-21495,https://securityvulnerability.io/vulnerability/CVE-2023-21495,Improper Access Control in Knox Enrollment Service by Samsung,"An improper access control vulnerability exists in Knox Enrollment Service which allows an attacker to install the KSP app on a device where device administration is enabled. This flaw, if exploited, could lead to unauthorized access and potential misuse of the KSP functionalities, emphasizing the need for timely updates and security assessments.",Samsung,Samsung Mobile Devices,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-04T00:00:00.000Z,0
CVE-2023-21493,https://securityvulnerability.io/vulnerability/CVE-2023-21493,Improper Access Control Vulnerability in SemShareFileProvider by Samsung,"An improper access control vulnerability exists in SemShareFileProvider versions prior to SMR May-2023 Release 1, which allows local attackers to gain unauthorized access to protected data. This vulnerability highlights significant security weaknesses that could be exploited to breach sensitive information, underscoring the importance of addressing access control mechanisms in software applications.",Samsung,Samsung Mobile Devices,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-04T00:00:00.000Z,0
CVE-2023-21499,https://securityvulnerability.io/vulnerability/CVE-2023-21499,Out-of-Bounds Write Vulnerability in Samsung mPOS TUI Trustlet,An out-of-bounds write vulnerability has been identified in the TA_Communication_mpos_encrypt_pin function within Samsung's mPOS TUI trustlet. This flaw allows local attackers to potentially execute arbitrary code by exploiting the vulnerability prior to the SMR May-2023 Release 1. Users are encouraged to update the product to ensure protection against such threats.,Samsung,Samsung Mobile Devices,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-04T00:00:00.000Z,0