Filtered by vendor Samsung
Subscribe
Total
1623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-45864 | 1 Samsung | 14 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 11 more | 2025-05-22 | N/A | 4.0 MEDIUM |
| A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas. | |||||
| CVE-2025-20955 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 5.5 MEDIUM |
| Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images. | |||||
| CVE-2025-20957 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 7.3 HIGH |
| Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch arbitrary activities with SmartManagerCN privilege. | |||||
| CVE-2025-20958 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 4.4 MEDIUM |
| Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors. | |||||
| CVE-2025-20959 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 5.1 MEDIUM |
| Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. | |||||
| CVE-2025-20960 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 4.0 MEDIUM |
| Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api. | |||||
| CVE-2025-20961 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 5.5 MEDIUM |
| Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers to access files with system privilege. | |||||
| CVE-2025-20962 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 4.0 MEDIUM |
| Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position. | |||||
| CVE-2025-20963 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 6.6 MEDIUM |
| Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2025-20964 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 6.6 MEDIUM |
| Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2024-20813 | 1 Samsung | 1 Android | 2025-05-15 | N/A | 8.4 HIGH |
| Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2024-20812 | 1 Samsung | 1 Android | 2025-05-15 | N/A | 8.4 HIGH |
| Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2025-20954 | 1 Samsung | 1 Android | 2025-05-13 | N/A | 5.5 MEDIUM |
| Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability. | |||||
| CVE-2025-20953 | 1 Samsung | 1 Android | 2025-05-13 | N/A | 5.1 MEDIUM |
| Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch activities within SmartManagerCN. | |||||
| CVE-2025-20937 | 1 Samsung | 1 Android | 2025-05-13 | N/A | 6.7 MEDIUM |
| Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||||
| CVE-2025-20934 | 1 Samsung | 1 Android | 2025-04-30 | N/A | 5.5 MEDIUM |
| Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege. | |||||
| CVE-2022-44636 | 1 Samsung | 30 T-ksu2eakuc, T-ksu2eakuc Firmware, T-ksu2edeuc and 27 more | 2025-04-22 | N/A | 4.6 MEDIUM |
| The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models. | |||||
| CVE-2024-27379 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-03-29 | N/A | 6.7 MEDIUM |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->num_intf_addr_present coming from userspace, which can lead to a heap overwrite. | |||||
| CVE-2024-27377 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-03-28 | N/A | 6.7 MEDIUM |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_get_security_info_nl(), there is no input validation check on sec_info->key_info.body.pmk_info.pmk_len coming from userspace, which can lead to a heap overwrite. | |||||
| CVE-2024-27373 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-03-25 | N/A | 6.7 MEDIUM |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->mesh_id_len coming from userspace, which can lead to a heap overwrite. | |||||