Filtered by vendor Samsung
Subscribe
Total
1474 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-58479 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 4.3 MEDIUM |
| Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||||
| CVE-2025-58480 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 4.3 MEDIUM |
| Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||||
| CVE-2025-53965 | 1 Samsung | 36 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 33 more | 2025-12-05 | N/A | 5.3 MEDIUM |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container lacks bounds checking, which can cause a fatal error. | |||||
| CVE-2025-54326 | 1 Samsung | 4 Exynos 1280, Exynos 1280 Firmware, Exynos 2200 and 1 more | 2025-12-05 | N/A | 7.5 HIGH |
| An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service. | |||||
| CVE-2025-20994 | 1 Samsung | 1 Internet | 2025-12-04 | N/A | 4.5 MEDIUM |
| Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to access read and write arbitrary files. | |||||
| CVE-2025-20995 | 1 Samsung | 1 Internet | 2025-12-04 | N/A | 4.9 MEDIUM |
| Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to read and write arbitrary files. | |||||
| CVE-2025-58481 | 1 Samsung | 1 Motionphoto | 2025-12-04 | N/A | 7.3 HIGH |
| Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service. | |||||
| CVE-2025-58482 | 1 Samsung | 1 Motionphoto | 2025-12-04 | N/A | 7.3 HIGH |
| Improper access control in MPLocalService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service. | |||||
| CVE-2025-58483 | 1 Samsung | 1 Galaxy Store | 2025-12-04 | N/A | 5.9 MEDIUM |
| Improper export of android application components in Galaxy Store for Galaxy Watch prior to version 1.0.06.29 allows local attacker to install arbitrary application on Galaxy Store. | |||||
| CVE-2025-58485 | 1 Samsung | 1 Internet | 2025-12-03 | N/A | 5.5 MEDIUM |
| Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script. | |||||
| CVE-2025-58486 | 1 Samsung | 1 Account | 2025-12-03 | N/A | 4.0 MEDIUM |
| Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script. | |||||
| CVE-2025-58487 | 1 Samsung | 1 Account | 2025-12-03 | N/A | 4.0 MEDIUM |
| Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege. | |||||
| CVE-2025-21042 | 1 Samsung | 1 Android | 2025-11-12 | N/A | 8.8 HIGH |
| Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code. | |||||
| CVE-2025-21078 | 1 Samsung | 1 Smart Switch | 2025-11-07 | N/A | 8.8 HIGH |
| Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications. | |||||
| CVE-2025-21079 | 1 Samsung | 1 Members | 2025-11-07 | N/A | 7.1 HIGH |
| Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability. | |||||
| CVE-2025-21071 | 1 Samsung | 1 Android | 2025-11-07 | N/A | 5.7 MEDIUM |
| Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||||
| CVE-2025-21073 | 1 Samsung | 1 Android | 2025-11-07 | N/A | 6.8 MEDIUM |
| Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability. | |||||
| CVE-2025-21074 | 1 Samsung | 1 Android | 2025-11-07 | N/A | 4.3 MEDIUM |
| Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||||
| CVE-2025-21075 | 1 Samsung | 1 Android | 2025-11-07 | N/A | 4.3 MEDIUM |
| Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||||
| CVE-2025-21076 | 1 Samsung | 1 Account | 2025-11-07 | N/A | 5.5 MEDIUM |
| Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access data in Samsung Account. User interaction is required for triggering this vulnerability. | |||||