Filtered by vendor Samsung
Subscribe
Total
1623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-40446 | 1 Samsung | 1 Escargot | 2026-06-02 | N/A | 6.9 MEDIUM |
| Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. | |||||
| CVE-2026-40447 | 1 Samsung | 1 Escargot | 2026-06-02 | N/A | 5.1 MEDIUM |
| Integer overflow or wraparound vulnerability in Samsung Open Source Escargot allows undefined behavior.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. | |||||
| CVE-2026-8915 | 1 Samsung | 1 Escargot | 2026-06-02 | N/A | 8.8 HIGH |
| Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 36f5fb58366a67b713c02f6fd985e924fcc09e31. | |||||
| CVE-2020-26146 | 3 Arista, Samsung, Siemens | 38 C-100, C-100 Firmware, C-110 and 35 more | 2026-06-02 | 2.9 LOW | 5.3 MEDIUM |
| An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design. | |||||
| CVE-2026-20994 | 1 Samsung | 1 Account | 2026-05-29 | N/A | 6.1 MEDIUM |
| URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token. | |||||
| CVE-2026-21015 | 1 Samsung | 1 Android | 2026-05-13 | N/A | 5.5 MEDIUM |
| Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local attacker to access unique identifier. | |||||
| CVE-2026-21016 | 1 Samsung | 1 Android | 2026-05-13 | N/A | 5.5 MEDIUM |
| Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information. | |||||
| CVE-2026-21018 | 1 Samsung | 1 Android | 2026-05-13 | N/A | 6.7 MEDIUM |
| Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code. | |||||
| CVE-2026-21020 | 1 Samsung | 1 Android | 2026-05-13 | N/A | 7.8 HIGH |
| Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions. | |||||
| CVE-2026-21021 | 1 Samsung | 1 Android | 2026-05-13 | N/A | 6.8 MEDIUM |
| Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity. | |||||
| CVE-2026-21022 | 1 Samsung | 1 Android | 2026-05-13 | N/A | 5.5 MEDIUM |
| Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information. | |||||
| CVE-2016-4031 | 1 Samsung | 10 Galaxy Note 3, Galaxy Note 3 Firmware, Galaxy S4 and 7 more | 2026-05-13 | 4.6 MEDIUM | 6.8 MEDIUM |
| Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices allow attackers to send AT commands by plugging the device into a Linux host, aka SVE-2016-5301. | |||||
| CVE-2016-3996 | 1 Samsung | 1 Knox | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| ClipboardDataMgr in Samsung KNOX 1.0.0 and 2.3.0 does not properly check the caller, which allows local users to read KNOX clipboard data via a crafted application. | |||||
| CVE-2017-5925 | 5 Allwinner, Amd, Intel and 2 more | 20 A64, Athlon Ii 640 X4, E-350 and 17 more | 2026-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. | |||||
| CVE-2017-5538 | 1 Samsung | 1 Samsung Mobile | 2026-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362. | |||||
| CVE-2015-1801 | 1 Samsung | 2 Galaxy S4, Galaxy S4 Firmware | 2026-05-13 | 10.0 HIGH | 9.8 CRITICAL |
| The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to cause a denial of service (memory corruption) or gain privileges. | |||||
| CVE-2016-1920 | 1 Samsung | 1 Knox | 2026-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct man-in-the-middle attacks as demonstrated by installing a certificate and running a VPN service. | |||||
| CVE-2016-6526 | 1 Samsung | 1 Samsung Mobile | 2026-05-13 | 9.3 HIGH | 7.8 HIGH |
| The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | |||||
| CVE-2015-7267 | 2 Samsung, Seagate | 8 850 Pro, 850 Pro Firmware, Pm851 and 5 more | 2026-05-13 | 1.9 LOW | 4.2 MEDIUM |
| Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDrive mode on Lenovo ThinkPad T440s laptops with BIOS 2.32; ThinkPad W541 laptops with BIOS 2.21; Dell Latitude E6410 laptops with BIOS A16; or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by leveraging failure to detect when SATA drives are unplugged in Sleep Mode, aka a "Hot Plug attack." | |||||
| CVE-2016-2566 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2026-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081. | |||||