Total
401 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25487 | 1 Samsung | 1 Android | 2025-10-30 | 4.6 MEDIUM | 7.3 HIGH |
| Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. | |||||
| CVE-2021-25489 | 1 Samsung | 1 Android | 2025-10-30 | 4.9 MEDIUM | 3.3 LOW |
| Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic. | |||||
| CVE-2025-21043 | 1 Samsung | 1 Android | 2025-10-30 | N/A | 8.8 HIGH |
| Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code. | |||||
| CVE-2023-21492 | 1 Samsung | 1 Android | 2025-10-28 | N/A | 4.4 MEDIUM |
| Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | |||||
| CVE-2025-21046 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 2.4 LOW |
| Improper access control in WindowManager in Samsung DeX prior to SMR Oct-2025 Release 1 allows physical attackers to temporarily access to recent app list. | |||||
| CVE-2025-21044 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 5.7 MEDIUM |
| Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||||
| CVE-2025-21047 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 5.2 MEDIUM |
| Improper access control in KnoxGuard prior to SMR Oct-2025 Release 1 allows physical attackers to use the privileged APIs. | |||||
| CVE-2025-21050 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 7.1 HIGH |
| Improper input validiation in Contacts prior to SMR Oct-2025 Release 1 allows local attackers to access data across multiple user profiles. | |||||
| CVE-2025-21048 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 6.7 MEDIUM |
| Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers to execute arbitrary code. | |||||
| CVE-2025-21049 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 5.5 MEDIUM |
| Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability. | |||||
| CVE-2025-21051 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
| Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2025-21052 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
| Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption. | |||||
| CVE-2025-21053 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
| Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption. | |||||
| CVE-2025-21054 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.0 MEDIUM |
| Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory. | |||||
| CVE-2025-21055 | 1 Samsung | 1 Android | 2025-10-23 | N/A | 4.3 MEDIUM |
| Out-of-bounds read and write in libimagecodec.quram.so prior to SMR Oct-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||||
| CVE-2023-21468 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 5.9 MEDIUM |
| Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission. | |||||
| CVE-2023-21469 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action. | |||||
| CVE-2023-21470 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action. | |||||
| CVE-2023-21474 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.3 MEDIUM |
| Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege. | |||||
| CVE-2023-21478 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.0 MEDIUM |
| Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data. | |||||