Hackhackdump

#2961of 53,608
85.1Total CVSS
Vulnerabilities · 15
Low
1
Medium
12
High
2
PT-2024-26062
5.5
2024-09-03
Dressroom · Dressroom · CVE-2024-34643
**Name of the Vulnerable Software and Affected Versions** Dressroom versions prior to SMR Sep-2024 Release 1 **Description** The issue is related to improper access control in a key input related function, allowing local attackers to access protected data. User interaction is required to trigger this issue. **Recommendations** For versions prior to SMR Sep-2024 Release 1, update to SMR Sep-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the key input related function until a patch is available.
PT-2024-26064
6.1
2024-09-03
Unknown · Themecenter · CVE-2024-34645
**Name of the Vulnerable Software and Affected Versions** ThemeCenter versions prior to SMR Sep-2024 Release 1 **Description** The issue is related to improper input validation in ThemeCenter, which allows physical attackers to install privileged applications. **Recommendations** For versions prior to SMR Sep-2024 Release 1, update to SMR Sep-2024 Release 1 or later to resolve the issue.
PT-2024-26063
5.5
2024-09-03
Dressroom · Dressroom · CVE-2024-34644
**Name of the Vulnerable Software and Affected Versions** Dressroom versions prior to SMR Sep-2024 Release 1 **Description** The issue is related to improper access control in item selection, allowing local attackers to access protected data. User interaction is required to trigger this issue. There is no information provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** For versions prior to SMR Sep-2024 Release 1, update to SMR Sep-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data in the Dressroom until the update is applied.
PT-2024-26016
5.9
2024-07-02
Samsung · Galaxy Store · CVE-2024-34601
**Name of the Vulnerable Software and Affected Versions** GalaxyStore versions prior to 4.5.81.0 **Description** The issue is related to improper verification of intent by a broadcast receiver in GalaxyStore, allowing local attackers to launch unexported activities of GalaxyStore. **Recommendations** For GalaxyStore versions prior to 4.5.81.0, update to version 4.5.81.0 or later to resolve the issue.
PT-2024-26012
4.4
2024-07-02
Samsung · Samsung Health · CVE-2024-34597
**Name of the Vulnerable Software and Affected Versions** Samsung Health versions prior to 6.27.0.113 **Description** The issue is related to improper input validation, allowing local attackers to write arbitrary document files to the sandbox of Samsung Health. This requires user interaction to trigger. **Recommendations** For versions prior to 6.27.0.113, update to version 6.27.0.113 or later to resolve the issue.
PT-2024-18761
5.5
2024-04-02
Samsung · Samsung Data Store · CVE-2024-20851
**Name of the Vulnerable Software and Affected Versions** Samsung Data Store versions prior to 5.3.00.4 **Description** The issue is related to improper access control in Samsung Data Store, allowing local attackers to launch arbitrary activities with the privilege of Samsung Data Store. **Recommendations** For versions prior to 5.3.00.4, update to version 5.3.00.4 or later to resolve the issue.
PT-2023-28443
5.5
2023-12-04
Unknown · Searchwidget · CVE-2023-42573
**Name of the Vulnerable Software and Affected Versions** Search Widget versions prior to 3.4 **Description** The issue allows local attackers to access data through a PendingIntent hijacking vulnerability in the Search Widget, specifically in China models. **Recommendations** For versions prior to 3.4, update to version 3.4 or later to resolve the issue.
PT-2023-28409
3.3
2023-11-07
Samsung · Samsung Push Service · CVE-2023-42542
**Name of the Vulnerable Software and Affected Versions** Samsung Push Service versions prior to 3.4.10 **Description** The issue is related to improper access control, allowing local attackers to obtain a register ID that can be used to identify the device. **Recommendations** For versions prior to 3.4.10, update to version 3.4.10 or later to resolve the issue.
PT-2023-22930
5.5
2023-09-05
Unknown · Packageinstallerchn · CVE-2023-30728
**Name of the Vulnerable Software and Affected Versions** PackageInstallerCHN versions prior to 13.1.03.00 **Description** The issue allows a local attacker to access arbitrary files due to an intent redirection vulnerability. This vulnerability requires user interaction. **Recommendations** For versions prior to 13.1.03.00, update to version 13.1.03.00 or later to resolve the issue.
PT-2023-22875
5.5
2023-07-06
Google · Android · CVE-2023-30678
**Name of the Vulnerable Software and Affected Versions** Calendar application versions prior to 12.4.07.15 **Description** The issue allows attackers to write arbitrary files due to a potential zip path traversal vulnerability in the Calendar application. This vulnerability is present in Android 13. **Recommendations** For versions prior to 12.4.07.15, update to version 12.4.07.15 or later to resolve the issue.
PT-2023-22872
6.2
2023-07-06
Samsung · Samsung Pass · CVE-2023-30675
**Name of the Vulnerable Software and Affected Versions** Samsung Pass versions prior to 4.2.03.1 **Description** The issue is related to improper authentication in Samsung Pass, allowing a local attacker to access stored account information when Samsung Wallet is not installed. **Recommendations** For versions prior to 4.2.03.1, update to version 4.2.03.1 or later to resolve the issue.
PT-2023-18260
8.6
2023-05-04
Samsung · Samsung Core Service · CVE-2023-21505
**Name of the Vulnerable Software and Affected Versions** Samsung Core Service versions prior to 2.1.00.36 **Description** The issue is related to improper access control in the Samsung Core Service, allowing an attacker to write arbitrary files in the sandbox. **Recommendations** For versions prior to 2.1.00.36, update to version 2.1.00.36 or later to resolve the issue.
PT-2023-18225
8.1
2023-03-16
Bluetooth · Bluetooth · CVE-2023-21457
**Name of the Vulnerable Software and Affected Versions** Bluetooth versions prior to SMR Mar-2023 Release 1 **Description** The issue is related to improper access control in Bluetooth, allowing attackers to send files without the necessary permissions. **Recommendations** For versions prior to SMR Mar-2023 Release 1, update to SMR Mar-2023 Release 1 or later to resolve the issue.
PT-2023-18234
5.5
2023-03-16
Samsung · Bixbytouch · CVE-2023-21465
**Name of the Vulnerable Software and Affected Versions** BixbyTouch versions prior to 3.2.02.5 **Description** The issue is related to improper access control, allowing untrusted applications to access local files. This affects BixbyTouch in China models. **Recommendations** For versions prior to 3.2.02.5, update to version 3.2.02.5 or later to resolve the issue.
PT-2023-18233
4.0
2023-03-16
Google · Android 12 · CVE-2023-21464
**Name of the Vulnerable Software and Affected Versions** Samsung Calendar versions prior to 12.4.02.9000 in Android 13 Samsung Calendar versions prior to 12.3.08.2000 in Android 12 **Description** The issue is related to improper access control, allowing a local attacker to configure an improper status. This could potentially lead to unauthorized access or modifications. **Recommendations** For Samsung Calendar versions prior to 12.4.02.9000 in Android 13, update to version 12.4.02.9000 or later. For Samsung Calendar versions prior to 12.3.08.2000 in Android 12, update to version 12.3.08.2000 or later.