Filtered by vendor Samsung
Subscribe
Total
1539 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-21061 | 1 Samsung | 1 Smart Switch | 2025-10-28 | N/A | 7.1 HIGH |
|
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access sensitive data. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2025-21062 | 1 Samsung | 1 Smart Switch | 2025-10-28 | N/A | 7.8 HIGH |
|
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows local attackers to replace the restoring application. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2025-21064 | 1 Samsung | 1 Smart Switch | 2025-10-28 | N/A | 8.8 HIGH |
|
Improper authentication in Smart Switch prior to version 3.7.66.6 allows adjacent attackers to access transferring data.
|
|||||
| CVE-2023-21492 | 1 Samsung | 1 Android | 2025-10-28 | N/A | 4.4 MEDIUM |
|
Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.
|
|||||
| CVE-2024-45183 | 1 Samsung | 14 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 11 more | 2025-10-27 | N/A | 6.5 MEDIUM |
|
An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, and 2400. A lack of a JPEG length check leads to an out-of-bound write.
|
|||||
| CVE-2025-26780 | 1 Samsung | 4 Exynos 2400, Exynos 2400 Firmware, Modem 5400 and 1 more | 2025-10-27 | N/A | 7.5 HIGH |
|
An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet.
|
|||||
| CVE-2025-47202 | 1 Samsung | 38 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 35 more | 2025-10-27 | N/A | 9.1 CRITICAL |
|
In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes.
|
|||||
| CVE-2025-21046 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 2.4 LOW |
|
Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access to recent app list.
|
|||||
| CVE-2025-21044 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 5.7 MEDIUM |
|
Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-21047 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 5.2 MEDIUM |
|
Improper access control in KnoxGuard prior to SMR Oct-2025 Release 1 allows physical attackers to use the privileged APIs.
|
|||||
| CVE-2025-21050 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 7.1 HIGH |
|
Improper input validiation in Contacts prior to SMR Oct-2025 Release 1 allows local attackers to access data across multiple user profiles.
|
|||||
| CVE-2025-21048 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 6.7 MEDIUM |
|
Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers to execute arbitrary code.
|
|||||
| CVE-2025-21049 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 5.5 MEDIUM |
|
Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2025-21051 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
|
Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-21052 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
|
Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
|
|||||
| CVE-2025-21053 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
|
Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
|
|||||
| CVE-2025-21054 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
|
Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory.
|
|||||
| CVE-2025-21055 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.3 MEDIUM |
|
Out-of-bounds read and write in libimagecodec.quram.so prior to SMR Oct-2025 Release 1 allows remote attackers to access out-of-bounds memory.
|
|||||
| CVE-2016-1010 | 6 Adobe, Apple, Google and 3 more | 15 Air, Air Desktop Runtime, Air Sdk and 12 more | 2025-10-22 | 9.3 HIGH | 8.8 HIGH |
|
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.
|
|||||
| CVE-2025-21057 | 1 Samsung | 1 Notes | 2025-10-20 | N/A | 4.0 MEDIUM |
|
Use of implicit intent for sensitive communication in Samsung Notes prior to version 4.4.30.63 allows local attackers to access shared notes.
|
|||||
| CVE-2025-21066 | 1 Samsung | 1 Notes | 2025-10-16 | N/A | 4.0 MEDIUM |
|
Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
|
|||||
| CVE-2025-21067 | 1 Samsung | 1 Notes | 2025-10-16 | N/A | 4.0 MEDIUM |
|
Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
|
|||||
| CVE-2025-21068 | 1 Samsung | 1 Notes | 2025-10-16 | N/A | 4.0 MEDIUM |
|
Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
|
|||||
| CVE-2025-21069 | 1 Samsung | 1 Notes | 2025-10-16 | N/A | 4.0 MEDIUM |
|
Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
|
|||||
| CVE-2025-21070 | 1 Samsung | 1 Notes | 2025-10-16 | N/A | 4.0 MEDIUM |
|
Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory.
|
|||||
| CVE-2024-20854 | 2 Google, Samsung | 2 Android, Camera | 2025-10-10 | N/A | 5.9 MEDIUM |
|
Improper handling of insufficient privileges vulnerability in Samsung Camera prior to versions 12.1.0.31 in Android 12, 13.1.02.07 in Android 13, and 14.0.01.06 in Android 14 allows local attackers to access image data.
|
|||||
| CVE-2025-20926 | 2 Google, Samsung | 2 Android, Myfiles | 2025-10-03 | N/A | 5.5 MEDIUM |
|
Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege.
|
|||||
| CVE-2023-21481 | 1 Samsung | 1 Account | 2025-10-01 | N/A | 5.4 MEDIUM |
|
Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 allows remote attackers to get sensitive information.
|
|||||
| CVE-2023-21482 | 2 Google, Samsung | 2 Android, Camera | 2025-10-01 | N/A | 6.1 MEDIUM |
|
Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard.
|
|||||
| CVE-2025-21035 | 2 Google, Samsung | 2 Android, Calendar | 2025-09-29 | N/A | 4.6 MEDIUM |
|
Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles.
|
|||||
| CVE-2024-49421 | 2 Google, Samsung | 2 Android, Quick Share | 2025-09-24 | N/A | 4.3 MEDIUM |
|
Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location.
|
|||||
| CVE-2023-21468 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 5.9 MEDIUM |
|
Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission.
|
|||||
| CVE-2023-21469 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action.
|
|||||
| CVE-2023-21470 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action.
|
|||||
| CVE-2023-21474 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.3 MEDIUM |
|
Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege.
|
|||||
| CVE-2023-21478 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.0 MEDIUM |
|
Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.
|
|||||
| CVE-2023-21480 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 8.5 HIGH |
|
Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities.
|
|||||
| CVE-2025-21041 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.2 MEDIUM |
|
Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local attackers to access sensitive information.
|
|||||
| CVE-2025-21034 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 4.0 MEDIUM |
|
Out-of-bounds write in libsavsvc.so prior to SMR Sep-2025 Release 1 allows local attackers to potentially execute arbitrary code.
|
|||||
| CVE-2025-21033 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 4.0 MEDIUM |
|
Improper access control in ContactProvider prior to SMR Sep-2025 Release 1 allows local attackers to access sensitive information.
|
|||||