ReportizFlow
Filtered by vendor Samsung Mobile
Subscriptions
Filtered by product Samsung Mobile Devices
Subscriptions
Total
34 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-20988 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-03-20 | 5.0 Medium |
| Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2026-20989 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-03-20 | 2.4 Low |
| Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1 allows physical attackers to use custom font. | ||||
| CVE-2026-20990 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-03-20 | 8.1 High |
| Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege. | ||||
| CVE-2026-20991 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-03-20 | 4.4 Medium |
| Improper privilege management in ThemeManager prior to SMR Mar-2026 Release 1 allows local privileged attackers to reuse trial contents. | ||||
| CVE-2026-20992 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-03-20 | 3.3 Low |
| Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application. | ||||
| CVE-2025-20982 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-02-26 | 6.4 Medium |
| Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | ||||
| CVE-2025-21015 | 2 Samsung, Samsung Mobile | 3 Android, Samsung Mobile Devices, Samsung Mobile Devices | 2026-02-24 | 4 Medium |
| Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege. | ||||
| CVE-2025-21014 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-02-24 | 4.3 Medium |
| Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information. | ||||
| CVE-2025-20991 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-02-11 | 4 Medium |
| Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable. | ||||
| CVE-2025-20945 | 2 Samsung, Samsung Mobile | 12 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 9 more | 2026-01-27 | 4 Medium |
| Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch. | ||||
| CVE-2025-21004 | 2 Samsung, Samsung Mobile | 12 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 9 more | 2026-01-20 | 6.2 Medium |
| Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device. | ||||
| CVE-2025-21016 | 2 Samsung, Samsung Mobile | 2 Samsung Mobile Devices, Samsung Mobile Devices | 2025-08-06 | 4.3 Medium |
| Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs. | ||||
| CVE-2025-21011 | 2 Samsung, Samsung Mobile | 3 Galaxy Watch, Samsung Mobile Devices, Samsung Mobile Devices | 2025-08-06 | 5.5 Medium |
| Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors. | ||||
| CVE-2025-21013 | 2 Samsung, Samsung Mobile | 3 Galaxy Watch, Samsung Mobile Devices, Samsung Mobile Devices | 2025-08-06 | 6.2 Medium |
| Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time. | ||||
| CVE-2025-21012 | 2 Samsung, Samsung Mobile | 2 Samsung Mobile Devices, Samsung Mobile Devices | 2025-08-06 | 5.5 Medium |
| Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration. | ||||
| CVE-2025-20906 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2025-07-17 | 5.5 Medium |
| Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB. | ||||
| CVE-2025-21002 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2025-07-16 | 6.2 Medium |
| Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast. | ||||
| CVE-2025-21003 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2025-07-16 | 4 Medium |
| Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information. | ||||
| CVE-2025-20999 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2025-07-14 | 4.1 Medium |
| Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password. | ||||
| CVE-2025-21001 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2025-07-14 | 6.2 Medium |
| Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast. | ||||