Filtered by vendor Samsung
Subscribe
Total
1474 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-20997 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | N/A | 6.2 MEDIUM |
| Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch. | |||||
| CVE-2025-20998 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | N/A | 5.5 MEDIUM |
| Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number. | |||||
| CVE-2025-21004 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | N/A | 6.2 MEDIUM |
| Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device. | |||||
| CVE-2026-20976 | 1 Samsung | 1 Galaxy Store | 2026-01-15 | N/A | 7.8 HIGH |
| Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script. | |||||
| CVE-2026-20975 | 1 Samsung | 1 Cloud | 2026-01-15 | N/A | 5.5 MEDIUM |
| Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path. | |||||
| CVE-2026-20969 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 5.5 MEDIUM |
| Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability. | |||||
| CVE-2026-20972 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 3.3 LOW |
| Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB. | |||||
| CVE-2026-20971 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 7.8 HIGH |
| Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code. | |||||
| CVE-2026-20970 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 7.8 HIGH |
| Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs. | |||||
| CVE-2026-20968 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 6.7 MEDIUM |
| Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code. | |||||
| CVE-2025-20956 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-15 | N/A | 4.3 MEDIUM |
| Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings. | |||||
| CVE-2021-25372 | 1 Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2026-01-14 | 7.2 HIGH | 6.1 MEDIUM |
| An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | |||||
| CVE-2021-25370 | 1 Samsung | 1 Android | 2026-01-14 | 4.9 MEDIUM | 6.1 MEDIUM |
| An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. | |||||
| CVE-2024-20887 | 1 Samsung | 1 Galaxy Buds Manager | 2026-01-14 | N/A | 6.2 MEDIUM |
| Arbitrary directory creation in GalaxyBudsManager PC prior to version 2.1.240315.51 allows attacker to create arbitrary directory. | |||||
| CVE-2024-20851 | 1 Samsung | 1 Cloud | 2026-01-12 | N/A | 4.4 MEDIUM |
| Improper access control vulnerability in Samsung Data Store prior to version 5.3.00.4 allows local attackers to launch arbitrary activity with Samsung Data Store privilege. | |||||
| CVE-2024-20853 | 1 Samsung | 1 Galaxy Themes | 2026-01-12 | N/A | 5.1 MEDIUM |
| Improper verification of intent by broadcast receiver vulnerability in ThemeStore prior to 5.3.05.2 allows local attackers to write arbitrary files to sandbox of ThemeStore. | |||||
| CVE-2024-34598 | 1 Samsung | 1 Good Lock | 2026-01-12 | N/A | 7.7 HIGH |
| Improper export of component in GoodLock prior to version 2.2.04.95 allows local attackers to install arbitrary applications from Galaxy Store. | |||||
| CVE-2025-21045 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-09 | N/A | 4.0 MEDIUM |
| Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. | |||||
| CVE-2025-53966 | 1 Samsung | 8 Exynos 1380, Exynos 1380 Firmware, Exynos 1480 and 5 more | 2026-01-09 | N/A | 8.4 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message. | |||||
| CVE-2025-27807 | 1 Samsung | 38 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 35 more | 2026-01-09 | N/A | 9.1 CRITICAL |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes via malformed NAS packets. | |||||