Total
447 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-20971 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 7.8 HIGH |
|
Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code.
|
|||||
| CVE-2026-20970 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 7.8 HIGH |
|
Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs.
|
|||||
| CVE-2026-20968 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 6.7 MEDIUM |
|
Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code.
|
|||||
| CVE-2021-25372 | 1 Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2026-01-14 | 7.2 HIGH | 6.1 MEDIUM |
|
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.
|
|||||
| CVE-2021-25370 | 1 Samsung | 1 Android | 2026-01-14 | 4.9 MEDIUM | 6.1 MEDIUM |
|
An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic.
|
|||||
| CVE-2024-34672 | 1 Samsung | 2 Android, Video Player | 2026-01-08 | N/A | 5.5 MEDIUM |
|
Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users.
|
|||||
| CVE-2025-21063 | 1 Samsung | 2 Android, Voice Recorder | 2026-01-08 | N/A | 4.6 MEDIUM |
|
Improper access control in Samsung Voice Recorder prior to version 21.5.73.12 in Android 15 and 21.5.81.40 in Android 16 allows physical attackers to access recording files on the lock screen.
|
|||||
| CVE-2024-20872 | 1 Samsung | 1 Android | 2026-01-07 | N/A | 6.2 MEDIUM |
|
Improper handling of insufficient privileges vulnerability in TalkbackSE prior to version Android 14 allows local attackers to modify setting value of TalkbackSE.
|
|||||
| CVE-2025-21080 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 6.2 MEDIUM |
|
Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen's privilege.
|
|||||
| CVE-2025-21072 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 5.7 MEDIUM |
|
Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-58475 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 5.6 MEDIUM |
|
Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-58476 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 4.2 MEDIUM |
|
Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory.
|
|||||
| CVE-2025-58477 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 4.3 MEDIUM |
|
Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
|
|||||
| CVE-2025-58478 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 4.3 MEDIUM |
|
Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
|
|||||
| CVE-2025-58479 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 4.3 MEDIUM |
|
Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
|
|||||
| CVE-2025-58480 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 4.3 MEDIUM |
|
Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
|
|||||
| CVE-2025-21042 | 1 Samsung | 1 Android | 2025-11-12 | N/A | 8.8 HIGH |
|
Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.
|
|||||
| CVE-2025-21071 | 1 Samsung | 1 Android | 2025-11-07 | N/A | 5.7 MEDIUM |
|
Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-21073 | 1 Samsung | 1 Android | 2025-11-07 | N/A | 6.8 MEDIUM |
|
Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2025-21074 | 1 Samsung | 1 Android | 2025-11-07 | N/A | 4.3 MEDIUM |
|
Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.
|
|||||
| CVE-2025-21075 | 1 Samsung | 1 Android | 2025-11-07 | N/A | 4.3 MEDIUM |
|
Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.
|
|||||
| CVE-2021-25337 | 1 Samsung | 1 Android | 2025-10-30 | 5.8 MEDIUM | 4.4 MEDIUM |
|
Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files.
|
|||||
| CVE-2021-25369 | 1 Samsung | 1 Android | 2025-10-30 | 2.1 LOW | 6.2 MEDIUM |
|
An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace.
|
|||||
| CVE-2021-25371 | 1 Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2025-10-30 | 7.2 HIGH | 6.1 MEDIUM |
|
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.
|
|||||
| CVE-2021-25394 | 1 Samsung | 1 Android | 2025-10-30 | 4.4 MEDIUM | 6.4 MEDIUM |
|
A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.
|
|||||
| CVE-2021-25395 | 1 Samsung | 1 Android | 2025-10-30 | 4.4 MEDIUM | 6.4 MEDIUM |
|
A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised.
|
|||||
| CVE-2021-25487 | 1 Samsung | 1 Android | 2025-10-30 | 4.6 MEDIUM | 7.3 HIGH |
|
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.
|
|||||
| CVE-2021-25489 | 1 Samsung | 1 Android | 2025-10-30 | 4.9 MEDIUM | 3.3 LOW |
|
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.
|
|||||
| CVE-2025-21043 | 1 Samsung | 1 Android | 2025-10-30 | N/A | 8.8 HIGH |
|
Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code.
|
|||||
| CVE-2023-21492 | 1 Samsung | 1 Android | 2025-10-28 | N/A | 4.4 MEDIUM |
|
Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.
|
|||||
| CVE-2025-21046 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 2.4 LOW |
|
Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access to recent app list.
|
|||||
| CVE-2025-21044 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 5.7 MEDIUM |
|
Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-21047 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 5.2 MEDIUM |
|
Improper access control in KnoxGuard prior to SMR Oct-2025 Release 1 allows physical attackers to use the privileged APIs.
|
|||||
| CVE-2025-21050 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 7.1 HIGH |
|
Improper input validiation in Contacts prior to SMR Oct-2025 Release 1 allows local attackers to access data across multiple user profiles.
|
|||||
| CVE-2025-21048 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 6.7 MEDIUM |
|
Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers to execute arbitrary code.
|
|||||
| CVE-2025-21049 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 5.5 MEDIUM |
|
Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2025-21051 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
|
Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-21052 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
|
Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
|
|||||
| CVE-2025-21053 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
|
Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
|
|||||
| CVE-2025-21054 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
|
Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory.
|
|||||