Filtered by vendor Samsung
Subscribe
Total
1542 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-52519 | 1 Samsung | 12 Exynos 1330, Exynos 1330 Firmware, Exynos 1380 and 9 more | 2026-01-30 | N/A | 7.1 HIGH |
| An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, and 2500. Improper validation of user-space input in the issimian device driver leads to information disclosure and a denial of service. | |||||
| CVE-2025-57836 | 2 Microsoft, Samsung | 2 Windows, Magician | 2026-01-30 | N/A | 7.8 HIGH |
| An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges. | |||||
| CVE-2023-21477 | 1 Samsung | 1 Android | 2026-01-28 | N/A | 7.9 HIGH |
| Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data. | |||||
| CVE-2023-21479 | 1 Samsung | 2 Android, Smart Suggestions | 2026-01-28 | N/A | 5.3 MEDIUM |
| Improper authorization in Smart suggestions prior to SMR Apr-2023 Release 1 in Android 13 and 4.1.01.0 in Android 12 allows remote attackers to register a schedule. | |||||
| CVE-2025-52517 | 1 Samsung | 12 Exynos 1330, Exynos 1330 Firmware, Exynos 1380 and 9 more | 2026-01-27 | N/A | 5.9 MEDIUM |
| An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in a double free, leading to a denial of service. | |||||
| CVE-2025-20946 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-27 | N/A | 8.8 HIGH |
| Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction. | |||||
| CVE-2025-20945 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-27 | N/A | 4.0 MEDIUM |
| Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch. | |||||
| CVE-2025-20939 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-27 | N/A | 5.4 MEDIUM |
| Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices. | |||||
| CVE-2025-0634 | 1 Samsung | 1 Rlottie | 2026-01-22 | N/A | 9.8 CRITICAL |
| Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2. | |||||
| CVE-2025-20936 | 1 Samsung | 1 Android | 2026-01-22 | N/A | 8.8 HIGH |
| Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root. | |||||
| CVE-2025-20997 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | N/A | 6.2 MEDIUM |
| Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch. | |||||
| CVE-2025-20998 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | N/A | 5.5 MEDIUM |
| Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number. | |||||
| CVE-2025-21004 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | N/A | 6.2 MEDIUM |
| Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device. | |||||
| CVE-2026-20976 | 1 Samsung | 1 Galaxy Store | 2026-01-15 | N/A | 7.8 HIGH |
| Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script. | |||||
| CVE-2026-20975 | 1 Samsung | 1 Cloud | 2026-01-15 | N/A | 5.5 MEDIUM |
| Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path. | |||||
| CVE-2026-20969 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 5.5 MEDIUM |
| Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability. | |||||
| CVE-2026-20972 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 3.3 LOW |
| Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB. | |||||
| CVE-2026-20971 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 7.8 HIGH |
| Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code. | |||||
| CVE-2026-20970 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 7.8 HIGH |
| Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs. | |||||
| CVE-2026-20968 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 6.7 MEDIUM |
| Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code. | |||||