Samsung Notes vulnerabilities

CVE-2024-34631 [MEDIUM] CWE-125 CVE-2024-34631: Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local a Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

CVE-2024-34628 [MEDIUM] CWE-125 CVE-2024-34628: Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows l Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

CVE-2024-34621 [MEDIUM] CWE-125 CVE-2024-34621: Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows l Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

CVE-2024-34625 [MEDIUM] CWE-125 CVE-2024-34625: Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows l Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

CVE-2024-34624 [MEDIUM] CWE-125 CVE-2024-34624: Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local a Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.

CVE-2024-34634 [LOW] CWE-125 CVE-2024-34634: Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allo Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.

CVE-2024-34633 [LOW] CWE-125 CVE-2024-34633: Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.

CVE-2024-34632 [LOW] CWE-125 CVE-2024-34632: Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.

CVE-2024-34635 [LOW] CWE-125 CVE-2024-34635: Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows loca Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.

CVE-2024-20868 [HIGH] CVE-2024-20868: Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions.

CVE-2022-36831 [MEDIUM] CWE-22 CVE-2022-36831: Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows atta Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission.

CVE-2021-25495 [HIGH] CWE-122 CVE-2021-25495: A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsu A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.

CVE-2021-25497 [HIGH] CWE-120 CVE-2021-25497: A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

CVE-2021-25494 [HIGH] CWE-125 CVE-2021-25494: A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung No A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.

CVE-2021-25493 [HIGH] CWE-125 CVE-2021-25493: Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read

CVE-2021-25496 [HIGH] CWE-120 CVE-2021-25496: A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

CVE-2021-25492 [HIGH] CWE-787 CVE-2021-25492: Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read.

CVE-2021-25498 [HIGH] CWE-120 CVE-2021-25498: A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Note A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

CVE-2021-25405 [MEDIUM] CWE-284 CVE-2021-25405: An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2. An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.

CVE-2021-25402 [LOW] CWE-922 CVE-2021-25402: Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to ac Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information.