Samsung Android 13.0 SMR-OCT-2024-R1

CPE Details

Samsung Android 13.0 SMR-OCT-2024-R1
13.0
2024-12-26
14h53 +00:00
2024-12-26
14h53 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:samsung:android:13.0:smr-oct-2024-r1:*:*:*:*:*:*

Informations

Vendor

samsung

Product

android

Version

13.0

Update

smr-oct-2024-r1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-20907 2025-02-04 07h24 +00:00 Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privileged attackers to disable Samsung Find.
6
Medium
CVE-2025-20905 2025-02-04 07h24 +00:00 Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to read and write out-of-bounds memory.
6.7
Medium
CVE-2025-20904 2025-02-04 07h24 +00:00 Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption.
6.7
Medium
CVE-2025-20892 2025-02-04 07h19 +00:00 Protection Mechanism Failure in bootloader prior to SMR Jan-2025 Release 1 allows physical attackers to allow to execute fastboot command. User interaction is required for triggering this vulnerability.
5.9
Medium
CVE-2025-20891 2025-02-04 07h19 +00:00 Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.
5.5
Medium
CVE-2025-20890 2025-02-04 07h19 +00:00 Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
7.8
High
CVE-2025-20889 2025-02-04 07h19 +00:00 Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.
5.5
Medium
CVE-2025-20888 2025-02-04 07h19 +00:00 Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
7.8
High
CVE-2025-20887 2025-02-04 07h19 +00:00 Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.
5.5
Medium
CVE-2025-20886 2025-02-04 07h19 +00:00 Inclusion of sensitive information in test code in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key.
4.4
Medium
CVE-2025-20885 2025-02-04 07h19 +00:00 Out-of-bounds write in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to cause memory corruption.
6.7
Medium
CVE-2025-20884 2025-02-04 07h19 +00:00 Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.
4.6
Medium
CVE-2025-20883 2025-02-04 07h19 +00:00 Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.
4.6
Medium
CVE-2025-20882 2025-02-04 07h19 +00:00 Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
7.8
High
CVE-2025-20881 2025-02-04 07h19 +00:00 Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
7.8
High
CVE-2024-49415 2024-12-03 05h47 +00:00 Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code.
9.8
Critical
CVE-2024-49414 2024-12-03 05h47 +00:00 Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows physical attackers to temporarily access to recent app list.
2.4
Low
CVE-2024-49413 2024-12-03 05h47 +00:00 Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1 allows local attackers to install malicious applications.
7.8
High
CVE-2024-49411 2024-12-03 05h47 +00:00 Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege.
4.6
Medium
CVE-2024-49410 2024-12-03 05h47 +00:00 Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code.
7.8
High
CVE-2024-49401 2024-11-06 02h17 +00:00 Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities.
7.1
High
CVE-2024-34680 2024-11-06 02h17 +00:00 Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information.
5.5
Medium
CVE-2024-34678 2024-11-06 02h17 +00:00 Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption.
7.8
High
CVE-2024-34677 2024-11-06 02h17 +00:00 Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.
4
Medium
CVE-2024-34676 2024-11-06 02h17 +00:00 Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this vulnerability.
7.3
High
CVE-2024-34674 2024-11-06 02h17 +00:00 Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.
4.6
Medium
CVE-2024-34673 2024-11-06 02h16 +00:00 Improper Input Validation in IpcProtocol in Modem prior to SMR Nov-2024 Release 1 allows local attackers to cause Denial-of-Service.
5.5
Medium
CVE-2023-42563 2023-12-05 02h49 +00:00 Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow.
7.8
High
CVE-2023-42570 2023-12-05 02h44 +00:00 Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN.
5.9
Medium
CVE-2023-42566 2023-12-05 02h44 +00:00 Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code.
7.8
High
CVE-2023-42565 2023-12-05 02h44 +00:00 Improper input validation vulnerability in Smart Clip prior to SMR Dec-2023 Release 1 allows local attackers with shell privilege to execute arbitrary code.
7.3
High
CVE-2023-42564 2023-12-05 02h44 +00:00 Improper access control in knoxcustom service prior to SMR Dec-2023 Release 1 allows attacker to send broadcast with system privilege.
6.6
Medium
CVE-2023-42562 2023-12-05 02h44 +00:00 Integer overflow vulnerability in detectionFindFaceSupportMultiInstance of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow.
7.8
High
CVE-2023-42561 2023-12-05 02h44 +00:00 Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code.
7.1
High
CVE-2023-42560 2023-12-05 02h44 +00:00 Heap out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so prior to SMR Dec-2023 Release 1 allows an attacker to execute arbitrary code.
7.8
High
CVE-2023-42559 2023-12-05 02h44 +00:00 Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time.
5.2
Medium
CVE-2023-42557 2023-12-05 02h44 +00:00 Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system attackers to execute arbitrary code.
6.7
Medium
CVE-2023-42556 2023-12-05 02h44 +00:00 Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information.
5.5
Medium