Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-20824 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 |
| 2024-02-06 | CVE-2024-20825 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 |
| 2024-02-06 | CVE-2024-20826 | Unspecified vulnerability in Samsung Uphelper Library 3.0.12 Implicit intent hijacking vulnerability in UPHelper library prior to version 4.0.0 allows local attackers to access sensitive information via implicit intent. | 5.5 |
| 2024-02-06 | CVE-2024-20827 | Unspecified vulnerability in Samsung Gallery 14.5.01.2 Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical attackers to access the picture using physical keyboard on the lockscreen. low complexity samsung | 4.6 |
| 2024-02-06 | CVE-2024-20828 | Incorrect Authorization vulnerability in Samsung Internet Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication. | 4.6 |
| 2024-01-04 | CVE-2024-20802 | Unspecified vulnerability in Samsung DEX Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users' notification in a multi-user environment. | 5.5 |
| 2024-01-04 | CVE-2024-20803 | Improper Authentication vulnerability in Samsung Android 11.0/12.0 Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction. | 6.5 |
| 2024-01-04 | CVE-2024-20804 | Path Traversal vulnerability in Samsung Android 11.0/12.0 Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | 5.5 |
| 2024-01-04 | CVE-2024-20805 | Path Traversal vulnerability in Samsung Android 11.0/12.0 Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | 5.5 |
| 2024-01-04 | CVE-2024-20806 | Unspecified vulnerability in Samsung Android 11.0/12.0 Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data. | 5.5 |