Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-05 | CVE-2024-20837 | Unspecified vulnerability in Samsung Internet Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction. | 5.3 |
| 2024-03-05 | CVE-2024-20839 | Unspecified vulnerability in Samsung Voice Recorder Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers to access recording files on the lock screen. low complexity samsung | 4.6 |
| 2024-03-05 | CVE-2024-20841 | Incorrect Default Permissions vulnerability in Samsung Account Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows local attackers to access data. | 5.5 |
| 2024-02-07 | CVE-2024-23769 | Unspecified vulnerability in Samsung Magician 8.0.0 Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data. | 5.5 |
| 2024-02-06 | CVE-2024-20814 | Out-of-bounds Read vulnerability in Samsung Android 11.0/12.0 Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information. | 5.5 |
| 2024-02-06 | CVE-2024-20815 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness. | 6.5 |
| 2024-02-06 | CVE-2024-20816 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness. | 6.5 |
| 2024-02-06 | CVE-2024-20822 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 |
| 2024-02-06 | CVE-2024-20823 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 |
| 2024-02-06 | CVE-2024-20824 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 |