Security Vulnerabilities - CVEs Published In September 2024
Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code.
CVSS Score
8.6
EPSS Score
0.03
Published
2024-09-04
Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR.
CVSS Score
4.0
EPSS Score
0.0
Published
2024-09-04
Exposure of sensitive information in GroupSharing prior to version 13.6.13.3 allows remote attackers can force the victim to join the group.
CVSS Score
7.5
EPSS Score
0.004
Published
2024-09-04
Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-09-04
Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage.
CVSS Score
4.0
EPSS Score
0.001
Published
2024-09-04
Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access directories with My Files' privilege.
CVSS Score
4.6
EPSS Score
0.002
Published
2024-09-04
Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege.
CVSS Score
6.2
EPSS Score
0.001
Published
2024-09-04
Incorrect use of privileged API in UniversalCredentialManager prior to SMR Sep-2024 Release 1 allows local attackers to access privileged API related to UniversalCredentialManager.
CVSS Score
6.2
EPSS Score
0.001
Published
2024-09-04
Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code.
CVSS Score
7.3
EPSS Score
0.001
Published
2024-09-04
Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data.
CVSS Score
5.1
EPSS Score
0.001
Published
2024-09-04