Total
378 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-21043 | 1 Samsung | 1 Android | 2025-10-03 | N/A | 8.8 HIGH |
| Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code. | |||||
| CVE-2023-21468 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 5.9 MEDIUM |
| Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission. | |||||
| CVE-2023-21469 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action. | |||||
| CVE-2023-21470 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action. | |||||
| CVE-2023-21474 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.3 MEDIUM |
| Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege. | |||||
| CVE-2023-21478 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.0 MEDIUM |
| Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data. | |||||
| CVE-2023-21480 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 8.5 HIGH |
| Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2025-21041 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 6.2 MEDIUM |
| Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local attackers to access sensitive information. | |||||
| CVE-2025-21042 | 1 Samsung | 1 Android | 2025-09-19 | N/A | 8.8 HIGH |
| Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code. | |||||
| CVE-2025-21034 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 4.0 MEDIUM |
| Out-of-bounds write in libsavsvc.so prior to SMR Sep-2025 Release 1 allows local attackers to potentially execute arbitrary code. | |||||
| CVE-2025-21033 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 4.0 MEDIUM |
| Improper access control in ContactProvider prior to SMR Sep-2025 Release 1 allows local attackers to access sensitive information. | |||||
| CVE-2025-21032 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 5.9 MEDIUM |
| Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions. | |||||
| CVE-2025-21029 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 4.0 MEDIUM |
| Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display. | |||||
| CVE-2025-21028 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 5.5 MEDIUM |
| Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items. | |||||
| CVE-2025-21026 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 4.0 MEDIUM |
| Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call. | |||||
| CVE-2025-21027 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 5.1 MEDIUM |
| Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM. | |||||
| CVE-2025-21025 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 5.1 MEDIUM |
| Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management. | |||||
| CVE-2023-21466 | 1 Samsung | 1 Android | 2025-09-08 | N/A | 5.3 MEDIUM |
| PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission. | |||||
| CVE-2023-21471 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows attackers to read arbitrary files with system permission. | |||||
| CVE-2023-21472 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 6.8 MEDIUM |
| Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader. | |||||