Filtered by vendor Samsung
Subscribe
Total
1443 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-53078 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | N/A | 8.0 HIGH |
| Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary code via write file to system | |||||
| CVE-2025-53077 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | N/A | 6.5 MEDIUM |
| An execution after redirect in Samsung DMS(Data Management Server) allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing this vulnerability. | |||||
| CVE-2025-2233 | 1 Samsung | 1 Smartthings | 2025-08-08 | N/A | 8.8 HIGH |
| Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Hub Local API service, which listens on TCP port 8766 by default. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25615. | |||||
| CVE-2025-54438 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-30 | N/A | 9.8 CRITICAL |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0 | |||||
| CVE-2025-54439 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-30 | N/A | 8.8 HIGH |
| Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54440 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-30 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54441 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-30 | N/A | 8.8 HIGH |
| Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54442 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-30 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54443 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-30 | N/A | 9.8 CRITICAL |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0 | |||||
| CVE-2025-54444 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-30 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54450 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-28 | N/A | 7.2 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54449 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-28 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54455 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-28 | N/A | 9.1 CRITICAL |
| Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54454 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-28 | N/A | 9.1 CRITICAL |
| Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54448 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-28 | N/A | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54447 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-28 | N/A | 8.1 HIGH |
| Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54446 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-28 | N/A | 9.8 CRITICAL |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects MagicINFO 9 Server: less than 21.1080.0 | |||||
| CVE-2025-54453 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-28 | N/A | 8.8 HIGH |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54452 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-28 | N/A | 7.3 HIGH |
| Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||
| CVE-2025-54451 | 1 Samsung | 1 Magicinfo 9 Server | 2025-07-28 | N/A | 9.8 CRITICAL |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | |||||