Vulnerabilities (CVE)

Filtered by vendor Samsung Subscribe
Total 1332 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-54442 1 Samsung 1 Magicinfo 9 Server 2025-07-30 N/A 9.8 CRITICAL
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-54443 1 Samsung 1 Magicinfo 9 Server 2025-07-30 N/A 9.8 CRITICAL
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0
CVE-2025-54444 1 Samsung 1 Magicinfo 9 Server 2025-07-30 N/A 9.8 CRITICAL
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-54450 1 Samsung 1 Magicinfo 9 Server 2025-07-28 N/A 7.2 HIGH
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-54449 1 Samsung 1 Magicinfo 9 Server 2025-07-28 N/A 9.8 CRITICAL
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-54455 1 Samsung 1 Magicinfo 9 Server 2025-07-28 N/A 9.1 CRITICAL
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-54454 1 Samsung 1 Magicinfo 9 Server 2025-07-28 N/A 9.1 CRITICAL
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-54448 1 Samsung 1 Magicinfo 9 Server 2025-07-28 N/A 9.8 CRITICAL
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-54447 1 Samsung 1 Magicinfo 9 Server 2025-07-28 N/A 8.1 HIGH
Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-54446 1 Samsung 1 Magicinfo 9 Server 2025-07-28 N/A 9.8 CRITICAL
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0
CVE-2025-54453 1 Samsung 1 Magicinfo 9 Server 2025-07-28 N/A 8.8 HIGH
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-54452 1 Samsung 1 Magicinfo 9 Server 2025-07-28 N/A 7.3 HIGH
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-54451 1 Samsung 1 Magicinfo 9 Server 2025-07-28 N/A 9.8 CRITICAL
Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0.
CVE-2025-20965 1 Samsung 1 Bixby 2025-07-18 N/A 6.2 MEDIUM
Improper handling of insufficient permission in Bixby wakeup prior to version 2.3.74.8 allows local attackers to access sensitive data.
CVE-2025-20896 1 Samsung 1 Easysetup 2025-07-17 N/A 4.0 MEDIUM
Use of implicit intent for sensitive communication in EasySetup prior to version 11.1.18 allows local attackers to access sensitive information.
CVE-2025-20895 1 Samsung 1 Galaxy Store 2025-07-17 N/A 3.2 LOW
Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard.
CVE-2024-20870 1 Samsung 1 Galaxy Store 2025-07-17 N/A 5.1 MEDIUM
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy Store.
CVE-2024-20869 1 Samsung 1 Internet 2025-07-17 N/A 5.5 MEDIUM
Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies.
CVE-2025-20950 1 Samsung 1 Notes 2025-07-17 N/A 4.0 MEDIUM
Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information.
CVE-2025-20951 1 Samsung 1 Galaxy Store 2025-07-17 N/A 5.1 MEDIUM
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store.