Samsung Android 11.0 SMR-FEB-2024-R1

CPE Details

Samsung Android 11.0 SMR-FEB-2024-R1
samsung
android
11.0
2024-05-15
11h37 +00:00
2024-05-15
11h37 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:samsung:android:11.0:smr-feb-2024-r1:*:*:*:*:*:*

Informations

Vendor

samsung

Product

android

Version

11.0

Update

smr-feb-2024-r1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-20862 2024-05-07 04h28 +00:00 Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.
6.7
Medium
CVE-2024-20833 2024-03-05 08h08 +00:00 Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption.
6.4
Medium
CVE-2024-20836 2024-03-05 04h44 +00:00 Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory.
5.5
Medium
CVE-2024-20835 2024-03-05 04h44 +00:00 Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors.
7.8
High
CVE-2024-20834 2024-03-05 04h44 +00:00 The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.
3.3
Low
CVE-2024-20832 2024-03-05 04h44 +00:00 Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code.
6.7
Medium
CVE-2024-20831 2024-03-05 04h44 +00:00 Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code.
6.7
Medium
CVE-2024-20830 2024-03-05 04h44 +00:00 Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings.
5.3
Medium
CVE-2024-20820 2024-02-06 02h23 +00:00 Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read.
7.1
High
CVE-2023-42570 2023-12-05 02h44 +00:00 Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 allows attacker to access device SIM PIN.
5.9
Medium
CVE-2023-42569 2023-12-05 02h44 +00:00 Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows attackers to read sandbox data of AR Emoji.
4
Medium
CVE-2023-42566 2023-12-05 02h44 +00:00 Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers to execute arbitrary code.
7.8
High
CVE-2023-42561 2023-12-05 02h44 +00:00 Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code.
7.1
High
CVE-2023-42560 2023-12-05 02h44 +00:00 Heap out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so prior to SMR Dec-2023 Release 1 allows an attacker to execute arbitrary code.
7.8
High
CVE-2023-42559 2023-12-05 02h44 +00:00 Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Knox Guard lock bypass via changing system time.
5.2
Medium
CVE-2023-42556 2023-12-05 02h44 +00:00 Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get sensitive information.
5.5
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.