Total
447 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-21055 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.3 MEDIUM |
|
Out-of-bounds read and write in libimagecodec.quram.so prior to SMR Oct-2025 Release 1 allows remote attackers to access out-of-bounds memory.
|
|||||
| CVE-2023-21468 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 5.9 MEDIUM |
|
Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission.
|
|||||
| CVE-2023-21469 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action.
|
|||||
| CVE-2023-21470 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action.
|
|||||
| CVE-2023-21474 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.3 MEDIUM |
|
Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege.
|
|||||
| CVE-2023-21478 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.0 MEDIUM |
|
Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.
|
|||||
| CVE-2023-21480 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 8.5 HIGH |
|
Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities.
|
|||||
| CVE-2025-21041 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.2 MEDIUM |
|
Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local attackers to access sensitive information.
|
|||||
| CVE-2025-21034 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 4.0 MEDIUM |
|
Out-of-bounds write in libsavsvc.so prior to SMR Sep-2025 Release 1 allows local attackers to potentially execute arbitrary code.
|
|||||
| CVE-2025-21033 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 4.0 MEDIUM |
|
Improper access control in ContactProvider prior to SMR Sep-2025 Release 1 allows local attackers to access sensitive information.
|
|||||
| CVE-2025-21032 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 5.9 MEDIUM |
|
Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions.
|
|||||
| CVE-2025-21029 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 4.0 MEDIUM |
|
Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display.
|
|||||
| CVE-2025-21028 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 5.5 MEDIUM |
|
Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items.
|
|||||
| CVE-2025-21026 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 4.0 MEDIUM |
|
Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call.
|
|||||
| CVE-2025-21027 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 5.1 MEDIUM |
|
Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM.
|
|||||
| CVE-2025-21025 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 5.1 MEDIUM |
|
Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management.
|
|||||
| CVE-2023-21466 | 1 Samsung | 1 Android | 2025-09-08 | N/A | 5.3 MEDIUM |
|
PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission.
|
|||||
| CVE-2023-21471 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows attackers to read arbitrary files with system permission.
|
|||||
| CVE-2023-21472 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 6.8 MEDIUM |
|
Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.
|
|||||
| CVE-2023-21473 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 6.8 MEDIUM |
|
Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.
|
|||||
| CVE-2023-21475 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 8.0 HIGH |
|
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.
|
|||||
| CVE-2023-21476 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 8.0 HIGH |
|
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.
|
|||||
| CVE-2025-21031 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 6.8 MEDIUM |
|
Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs.
|
|||||
| CVE-2025-21010 | 1 Samsung | 1 Android | 2025-08-12 | N/A | 6.0 MEDIUM |
|
Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.
|
|||||
| CVE-2025-20990 | 1 Samsung | 1 Android | 2025-08-12 | N/A | 4.0 MEDIUM |
|
Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier.
|
|||||
| CVE-2025-21002 | 1 Samsung | 1 Android | 2025-07-16 | N/A | 6.2 MEDIUM |
|
Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast.
|
|||||
| CVE-2025-21003 | 1 Samsung | 1 Android | 2025-07-16 | N/A | 4.0 MEDIUM |
|
Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information.
|
|||||
| CVE-2025-21005 | 1 Samsung | 1 Android | 2025-07-15 | N/A | 5.5 MEDIUM |
|
Improper access control in isemtelephony prior to Android 15 allows local attackers to access sensitive information.
|
|||||
| CVE-2025-21006 | 1 Samsung | 1 Android | 2025-07-15 | N/A | 7.0 HIGH |
|
Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-21007 | 1 Samsung | 1 Android | 2025-07-15 | N/A | 5.5 MEDIUM |
|
Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.
|
|||||
| CVE-2025-20983 | 1 Samsung | 1 Android | 2025-07-14 | N/A | 6.4 MEDIUM |
|
Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-21000 | 1 Samsung | 1 Android | 2025-07-14 | N/A | 6.2 MEDIUM |
|
Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth.
|
|||||
| CVE-2025-20999 | 1 Samsung | 1 Android | 2025-07-14 | N/A | 4.1 MEDIUM |
|
Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password.
|
|||||
| CVE-2025-20982 | 1 Samsung | 1 Android | 2025-07-14 | N/A | 6.4 MEDIUM |
|
Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-21001 | 1 Samsung | 1 Android | 2025-07-14 | N/A | 6.2 MEDIUM |
|
Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast.
|
|||||
| CVE-2025-21008 | 1 Samsung | 1 Android | 2025-07-10 | N/A | 5.5 MEDIUM |
|
Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.
|
|||||
| CVE-2025-21009 | 1 Samsung | 1 Android | 2025-07-10 | N/A | 5.5 MEDIUM |
|
Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.
|
|||||
| CVE-2024-20805 | 1 Samsung | 2 Android, Myfiles | 2025-06-03 | N/A | 3.3 LOW |
|
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.
|
|||||
| CVE-2025-20955 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 5.5 MEDIUM |
|
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images.
|
|||||
| CVE-2025-20957 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 7.3 HIGH |
|
Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch arbitrary activities with SmartManagerCN privilege.
|
|||||