Filtered by vendor Samsung
Subscriptions
Total
1197 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-42561 | 1 Samsung | 1 Android | 2025-05-29 | 7.1 High |
Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code. | ||||
CVE-2025-4632 | 1 Samsung | 1 Magicinfo 9 Server | 2025-05-28 | 9.8 Critical |
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority. | ||||
CVE-2023-45864 | 1 Samsung | 14 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 11 more | 2025-05-22 | 4 Medium |
A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas. | ||||
CVE-2025-20955 | 1 Samsung | 1 Android | 2025-05-21 | 5.5 Medium |
Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images. | ||||
CVE-2025-20957 | 1 Samsung | 1 Android | 2025-05-21 | 7.3 High |
Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch arbitrary activities with SmartManagerCN privilege. | ||||
CVE-2025-20958 | 1 Samsung | 1 Android | 2025-05-21 | 4.4 Medium |
Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors. | ||||
CVE-2025-20959 | 1 Samsung | 1 Android | 2025-05-21 | 5.1 Medium |
Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. | ||||
CVE-2025-20960 | 1 Samsung | 1 Android | 2025-05-21 | 4 Medium |
Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api. | ||||
CVE-2025-20961 | 1 Samsung | 1 Android | 2025-05-21 | 5.5 Medium |
Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers to access files with system privilege. | ||||
CVE-2025-20962 | 1 Samsung | 1 Android | 2025-05-21 | 4 Medium |
Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position. | ||||
CVE-2025-20963 | 1 Samsung | 1 Android | 2025-05-21 | 6.6 Medium |
Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. | ||||
CVE-2025-20964 | 1 Samsung | 1 Android | 2025-05-21 | 6.6 Medium |
Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. | ||||
CVE-2022-39877 | 2 Google, Samsung | 2 Android, Group Sharing | 2025-05-20 | 4 Medium |
Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device. | ||||
CVE-2024-20813 | 1 Samsung | 1 Android | 2025-05-15 | 8.4 High |
Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
CVE-2024-20812 | 1 Samsung | 1 Android | 2025-05-15 | 8.4 High |
Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
CVE-2024-20825 | 1 Samsung | 1 Galaxy Store | 2025-05-15 | 5.5 Medium |
Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | ||||
CVE-2024-23769 | 2 Microsoft, Samsung | 2 Windows, Magician | 2025-05-15 | 7.3 High |
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data. | ||||
CVE-2025-20954 | 1 Samsung | 1 Android | 2025-05-13 | 5.5 Medium |
Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability. | ||||
CVE-2025-20953 | 1 Samsung | 1 Android | 2025-05-13 | 5.1 Medium |
Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch activities within SmartManagerCN. | ||||
CVE-2025-20937 | 1 Samsung | 1 Android | 2025-05-13 | 6.7 Medium |
Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. |