CPE Details
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:o:samsung:android:11.0:smr-feb-2024-r1:*:*:*:*:*:*
Informations
Vendor
samsungProduct
androidVersion
11.0Update
smr-feb-2024-r1Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code. | 6.7 |
Medium |
||
| Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption. | 6.4 |
Medium |
||
| Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory. | 5.5 |
Medium |
||
| Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors. | 7.8 |
High |
||
| The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission. | 3.3 |
Low |
||
| Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code. | 6.7 |
Medium |
||
| Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code. | 6.7 |
Medium |
||
| Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings. | 5.3 |
Medium |
||
| Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read. | 7.1 |
High |
||
| Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN. | 5.9 |
Medium |
||
| Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji. | 4 |
Medium |
||
| Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code. | 7.8 |
High |
||
| Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code. | 7.1 |
High |
||
| Heap out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so prior to SMR Dec-2023 Release 1 allows an attacker to execute arbitrary code. | 7.8 |
High |
||
| Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time. | 5.2 |
Medium |
||
| Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information. | 5.5 |
Medium |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.