Filtered by vendor Samsung
Subscribe
Total
1539 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-62817 | 1 Samsung | 14 Exynos 1280, Exynos 1280 Firmware, Exynos 1380 and 11 more | 2026-03-04 | N/A | 7.5 HIGH |
|
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session->ncp_hdr_buf in __pilot_parsing_ncp() causes a denial of service.
|
|||||
| CVE-2025-62814 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1380 and 7 more | 2026-03-04 | N/A | 7.5 HIGH |
|
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A NULL pointer dereference of ft_handle in load_fw_utc_vector() causes a denial of service.
|
|||||
| CVE-2025-62815 | 1 Samsung | 10 Exynos 1380, Exynos 1380 Firmware, Exynos 1480 and 7 more | 2026-03-04 | N/A | 5.5 MEDIUM |
|
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of npu_proto_drv.ast.thread_ref in set_cpu_affinity() causes a denial of service.
|
|||||
| CVE-2025-66363 | 1 Samsung | 2 Exynos 2200, Exynos 2200 Firmware | 2026-03-04 | N/A | 7.5 HIGH |
|
An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages.
|
|||||
| CVE-2025-62816 | 1 Samsung | 14 Exynos 1280, Exynos 1280 Firmware, Exynos 1380 and 11 more | 2026-03-04 | N/A | 5.5 MEDIUM |
|
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. Unvalidated VS4L_VERTEXIOC_BOOTUP input leads to a denial of service.
|
|||||
| CVE-2026-20985 | 1 Samsung | 1 Members | 2026-02-25 | N/A | 4.3 MEDIUM |
|
Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2026-20986 | 1 Samsung | 1 Members | 2026-02-25 | N/A | 5.5 MEDIUM |
|
Path traversal in Samsung Members prior to Chinese version 15.5.05.4 allows local attackers to overwrite data within Samsung Members.
|
|||||
| CVE-2025-21015 | 1 Samsung | 1 Android | 2026-02-24 | N/A | 4.0 MEDIUM |
|
Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege.
|
|||||
| CVE-2025-21014 | 1 Samsung | 1 Android | 2026-02-24 | N/A | 4.3 MEDIUM |
|
Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information.
|
|||||
| CVE-2025-20909 | 1 Samsung | 1 Android | 2026-02-24 | N/A | 4.0 MEDIUM |
|
Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1 allows local attackers to access sensitive information.
|
|||||
| CVE-2025-20991 | 1 Samsung | 1 Android | 2026-02-10 | N/A | 4.0 MEDIUM |
|
Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable.
|
|||||
| CVE-2025-20992 | 1 Samsung | 1 Android | 2026-02-10 | N/A | 4.0 MEDIUM |
|
Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local attackers to read out-of-bounds memory.
|
|||||
| CVE-2025-20993 | 1 Samsung | 1 Android | 2026-02-10 | N/A | 4.0 MEDIUM |
|
Out-of-bounds write in libsecimaging.camera.samsung.so prior to SMR Jun-2025 Release 1 allows local attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-20989 | 1 Samsung | 1 Android | 2026-02-10 | N/A | 5.2 MEDIUM |
|
Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmac_key.
|
|||||
| CVE-2025-20988 | 1 Samsung | 1 Android | 2026-02-10 | N/A | 5.5 MEDIUM |
|
Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.
|
|||||
| CVE-2025-20987 | 1 Samsung | 1 Android | 2026-02-10 | N/A | 5.2 MEDIUM |
|
Improper access control in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a auth_token.
|
|||||
| CVE-2025-20985 | 1 Samsung | 1 Android | 2026-02-10 | N/A | 5.5 MEDIUM |
|
Improper privilege management in ThemeManager prior to SMR Jun-2025 Release 1 allows local privileged attackers to reuse trial items.
|
|||||
| CVE-2025-20981 | 1 Samsung | 1 Android | 2026-02-10 | N/A | 6.2 MEDIUM |
|
Improper access control in AudioService prior to SMR Jun-2025 Release 1 allows local attackers to access sensitive information.
|
|||||
| CVE-2025-58348 | 1 Samsung | 22 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 19 more | 2026-02-09 | N/A | 5.5 MEDIUM |
|
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/confg_tspec write operation, leading to kernel memory exhaustion.
|
|||||
| CVE-2025-58347 | 1 Samsung | 22 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 19 more | 2026-02-09 | N/A | 5.5 MEDIUM |
|
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/p2p_certif write operation, leading to kernel memory exhaustion.
|
|||||
| CVE-2025-58346 | 1 Samsung | 22 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 19 more | 2026-02-09 | N/A | 5.5 MEDIUM |
|
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/send_addts write operation, leading to kernel memory exhaustion.
|
|||||
| CVE-2025-58345 | 1 Samsung | 22 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 19 more | 2026-02-09 | N/A | 5.5 MEDIUM |
|
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/ap_certif_11ax_mode write operation, leading to kernel memory exhaustion.
|
|||||
| CVE-2025-58343 | 1 Samsung | 22 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 19 more | 2026-02-09 | N/A | 5.5 MEDIUM |
|
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/create_tspec write operation, leading to kernel memory exhaustion.
|
|||||
| CVE-2026-20977 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 5.5 MEDIUM |
|
Improper access control in Emergency Sharing prior to SMR Feb-2026 Release 1 allows local attackers to interrupt its functioning.
|
|||||
| CVE-2026-20978 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.1 MEDIUM |
|
Improper authorization in KnoxGuardManager prior to SMR Feb-2026 Release 1 allows local attackers to bypass the persistence configuration of the application.
|
|||||
| CVE-2026-20983 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 7.8 HIGH |
|
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.
|
|||||
| CVE-2026-20982 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.0 MEDIUM |
|
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.
|
|||||
| CVE-2026-20981 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.6 MEDIUM |
|
Improper input validation in FacAtFunction prior to SMR Feb-2026 Release 1 allows privileged physical attacker to execute arbitrary command with system privilege.
|
|||||
| CVE-2026-20979 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 7.8 HIGH |
|
Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.
|
|||||
| CVE-2026-20980 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.8 MEDIUM |
|
Improper input validation in PACM prior to SMR Feb-2026 Release 1 allows physical attacker to execute arbitrary commands.
|
|||||
| CVE-2025-20903 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 7.3 HIGH |
|
Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2025-20908 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.5 MEDIUM |
|
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting.
|
|||||
| CVE-2025-58340 | 1 Samsung | 22 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 19 more | 2026-02-05 | N/A | 6.2 MEDIUM |
|
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/send_delts write operation, leading to kernel memory exhaustion.
|
|||||
| CVE-2025-58341 | 1 Samsung | 22 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 19 more | 2026-02-05 | N/A | 6.2 MEDIUM |
|
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/ap_cert_disable_ht_vht write operation, leading to kernel memory exhaustion.
|
|||||
| CVE-2025-58342 | 1 Samsung | 22 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 19 more | 2026-02-05 | N/A | 6.2 MEDIUM |
|
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/uapsd write operation, leading to kernel memory exhaustion.
|
|||||
| CVE-2025-58344 | 1 Samsung | 22 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 19 more | 2026-02-05 | N/A | 6.2 MEDIUM |
|
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation in a /proc/driver/unifi0/conn_log_event_burst_to_us write operation, leading to kernel memory exhaustion.
|
|||||
| CVE-2025-59439 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 850 and 15 more | 2026-02-05 | N/A | 7.5 HIGH |
|
An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper Handling of Exceptional Conditions.
|
|||||
| CVE-2025-20941 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.2 MEDIUM |
|
Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access the scancode of specific input device.
|
|||||
| CVE-2025-20942 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 4.4 MEDIUM |
|
Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Release 1 allows local attackers to reset OAID.
|
|||||
| CVE-2025-20943 | 1 Samsung | 1 Android | 2026-02-05 | N/A | 6.4 MEDIUM |
|
Out-of-bounds write in secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to cause memory corruption.
|
|||||