Total
13 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-36831 | 1 Samsung | 1 Notes | 2022-10-27 | N/A | 5.5 MEDIUM |
Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission. | |||||
CVE-2021-25405 | 1 Samsung | 1 Notes | 2022-07-14 | 2.1 LOW | 5.5 MEDIUM |
An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files. | |||||
CVE-2021-25495 | 1 Samsung | 1 Notes | 2022-04-26 | 4.6 MEDIUM | 7.8 HIGH |
A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-25492 | 1 Samsung | 1 Notes | 2022-04-26 | 3.6 LOW | 7.1 HIGH |
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read. | |||||
CVE-2021-25496 | 1 Samsung | 1 Notes | 2021-10-14 | 4.6 MEDIUM | 7.8 HIGH |
A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-25497 | 1 Samsung | 1 Notes | 2021-10-14 | 4.6 MEDIUM | 7.8 HIGH |
A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-25498 | 1 Samsung | 1 Notes | 2021-10-14 | 4.6 MEDIUM | 7.8 HIGH |
A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-25494 | 1 Samsung | 1 Notes | 2021-10-14 | 4.6 MEDIUM | 7.8 HIGH |
A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. | |||||
CVE-2021-25493 | 1 Samsung | 1 Notes | 2021-10-13 | 3.6 LOW | 7.1 HIGH |
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read | |||||
CVE-2021-25402 | 1 Samsung | 1 Notes | 2021-06-21 | 2.1 LOW | 3.3 LOW |
Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information. | |||||
CVE-2021-25355 | 1 Samsung | 1 Notes | 2021-03-30 | 4.6 MEDIUM | 7.8 HIGH |
Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | |||||
CVE-2021-25367 | 1 Samsung | 1 Notes | 2021-03-30 | 5.5 MEDIUM | 5.4 MEDIUM |
Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. | |||||
CVE-2018-10501 | 1 Samsung | 1 Notes | 2019-10-09 | 4.4 MEDIUM | 7.0 HIGH |
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5358. |