Filtered by vendor Samsung
Subscribe
Total
1443 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21473 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 6.8 MEDIUM |
| Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader. | |||||
| CVE-2023-21475 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 8.0 HIGH |
| Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-21476 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 8.0 HIGH |
| Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2025-21040 | 1 Samsung | 1 Sassistant | 2025-09-05 | N/A | 5.1 MEDIUM |
| Improper verification of intent by ExternalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information. | |||||
| CVE-2025-21031 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 6.8 MEDIUM |
| Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs. | |||||
| CVE-2024-29152 | 1 Samsung | 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more | 2025-08-27 | N/A | 5.9 MEDIUM |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) Reconfiguration message. This can lead to disclosure of sensitive information. | |||||
| CVE-2024-27372 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-08-27 | N/A | 6.7 MEDIUM |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->infrastructure_ssid_len coming from userspace, which can lead to a heap overwrite. | |||||
| CVE-2025-3885 | 1 Samsung | 2 Harman Mgu21, Harman Mgu21 Firmware | 2025-08-15 | N/A | 6.5 MEDIUM |
| Harman Becker MGU21 Bluetooth Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Harman Becker MGU21 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Bluetooth stack of the BCM89359 chipset. The issue results from the lack of proper validation of Bluetooth frames. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-23942. | |||||
| CVE-2025-21017 | 1 Samsung | 1 Blockchain Keystore | 2025-08-15 | N/A | 6.3 MEDIUM |
| Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory. | |||||
| CVE-2025-21018 | 1 Samsung | 1 Blockchain Keystore | 2025-08-15 | N/A | 4.4 MEDIUM |
| Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory. | |||||
| CVE-2025-21019 | 1 Samsung | 1 Health | 2025-08-15 | N/A | 5.5 MEDIUM |
| Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability. | |||||
| CVE-2025-21020 | 1 Samsung | 1 Blockchain Keystore | 2025-08-15 | N/A | 5.7 MEDIUM |
| Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory. | |||||
| CVE-2025-21021 | 1 Samsung | 1 Blockchain Keystore | 2025-08-15 | N/A | 5.7 MEDIUM |
| Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory. | |||||
| CVE-2025-54445 | 1 Samsung | 1 Magicinfo 9 Server | 2025-08-15 | N/A | 8.2 HIGH |
| Improper Restriction of XML External Entity Reference vulnerability in Samsung Electronics MagicINFO 9 Server allows Server Side Request Forgery.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-21010 | 1 Samsung | 1 Android | 2025-08-12 | N/A | 6.0 MEDIUM |
| Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account. | |||||
| CVE-2025-20990 | 1 Samsung | 1 Android | 2025-08-12 | N/A | 4.0 MEDIUM |
| Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier. | |||||
| CVE-2025-53082 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | N/A | 6.1 MEDIUM |
| An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete arbitrary files from unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses. | |||||
| CVE-2025-53081 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | N/A | 6.4 MEDIUM |
| An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses. | |||||
| CVE-2025-53080 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | N/A | 7.1 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers to create arbitrary files in unintended locations on the filesystem | |||||
| CVE-2025-53079 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | N/A | 4.9 MEDIUM |
| Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files | |||||