Vulnerabilities > Samsung > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-20814 | Out-of-bounds Read vulnerability in Samsung Android 11.0/12.0 Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information. | 5.5 |
| 2024-02-06 | CVE-2024-20815 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness. | 6.5 |
| 2024-02-06 | CVE-2024-20816 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness. | 6.5 |
| 2024-01-04 | CVE-2024-20803 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction. | 6.5 |
| 2024-01-04 | CVE-2024-20804 | Path Traversal vulnerability in Samsung Android 11.0/12.0 Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | 5.5 |
| 2024-01-04 | CVE-2024-20805 | Path Traversal vulnerability in Samsung Android 11.0/12.0 Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | 5.5 |
| 2024-01-04 | CVE-2024-20806 | Unspecified vulnerability in Samsung Android 11.0/12.0 Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data. | 5.5 |
| 2023-12-05 | CVE-2023-42556 | Unspecified vulnerability in Samsung Android 11.0/14.0 Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information. | 5.5 |
| 2023-12-05 | CVE-2023-42557 | Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0/14.0 Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code. | 6.7 |
| 2023-12-05 | CVE-2023-42559 | Improper Handling of Exceptional Conditions vulnerability in Samsung Android 11.0/14.0 Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time. | 5.2 |