Total
29463 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25437 | 1 Linux | 1 Tizen | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows attackers to arbitrary code execution by replacing FOTA update file. | |||||
| CVE-2021-25433 | 1 Linux | 1 Tizen | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Improper authorization vulnerability in Tizen factory reset policy prior to Firmware update JUL-2021 Release allows untrusted applications to perform factory reset using dbus signal. | |||||
| CVE-2021-25431 | 2 Google, Samsung | 2 Android, Cameralyzer | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows untrusted applications to access some functions of Cameralyzer. | |||||
| CVE-2021-25417 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage. | |||||
| CVE-2021-25412 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications. | |||||
| CVE-2021-25405 | 1 Samsung | 1 Notes | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files. | |||||
| CVE-2021-25403 | 2 Google, Samsung | 2 Android, Account | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component. | |||||
| CVE-2021-25401 | 1 Samsung | 1 Health | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action. | |||||
| CVE-2021-25400 | 1 Samsung | 1 Internet | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action. | |||||
| CVE-2021-25397 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 6.8 MEDIUM |
| An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process via untrusted applications. | |||||
| CVE-2021-25391 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action. | |||||
| CVE-2021-25390 | 1 Google | 1 Android | 2024-11-21 | 1.9 LOW | 4.0 MEDIUM |
| Intent redirection vulnerability in PhotoTable prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action. | |||||
| CVE-2021-25382 | 1 Google | 1 Android | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| An improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020 Release 1 allows unauthorized access to contents in Secure Folder via debugging command. | |||||
| CVE-2021-25379 | 1 Samsung | 1 Gallery | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action. | |||||
| CVE-2021-25374 | 2 Google, Samsung | 2 Android, Members | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
| An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. | |||||
| CVE-2021-25354 | 1 Samsung | 1 Internet | 2024-11-21 | 6.8 MEDIUM | 3.3 LOW |
| Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink. | |||||
| CVE-2021-25349 | 2 Google, Samsung | 2 Android, Slow Motion Editor | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25348 | 1 Samsung | 1 Internet | 2024-11-21 | 2.1 LOW | 2.1 LOW |
| Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission. | |||||
| CVE-2021-25338 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2024-11-21 | 3.6 LOW | 4.4 MEDIUM |
| Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region. | |||||
| CVE-2021-25336 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 2.8 LOW |
| Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malicious intent. | |||||