Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-04 | CVE-2024-34653 | Path Traversal vulnerability in Samsung Android 12.0/13.0/14.0 Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access directories with My Files' privilege. | 4.6 |
| 2024-09-04 | CVE-2024-34654 | Unspecified vulnerability in Samsung Android 13.0/14.0 Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege. | 5.5 |
| 2024-09-04 | CVE-2024-34655 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Incorrect use of privileged API in UniversalCredentialManager prior to SMR Sep-2024 Release 1 allows local attackers to access privileged API related to UniversalCredentialManager. | 5.5 |
| 2024-09-04 | CVE-2024-34659 | Unspecified vulnerability in Samsung Group Sharing 10.8.03.2 Exposure of sensitive information in GroupSharing prior to version 13.6.13.3 allows remote attackers can force the victim to join the group. | 5.3 |
| 2024-09-04 | CVE-2024-34661 | Incorrect Default Permissions vulnerability in Samsung Assistant Improper handling of insufficient permissions in Samsung Assistant prior to version 9.1.00.7 allows remote attackers to access location data. | 4.3 |
| 2024-08-07 | CVE-2024-34604 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Improper access control in LedCoverService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | 5.5 |
| 2024-08-07 | CVE-2024-34605 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Improper access control in SamsungHealthService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | 5.5 |
| 2024-08-07 | CVE-2024-34606 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Improper access control in SmartThingsService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | 5.5 |
| 2024-08-07 | CVE-2024-34607 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Improper access control in SamsungNotesService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | 5.5 |
| 2024-08-07 | CVE-2024-34608 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Improper access control in PaymentManagerService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background. | 5.5 |