Filtered by vendor Samsung
Subscribe
Total
1329 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-21027 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 5.1 MEDIUM |
| Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM. | |||||
| CVE-2025-21025 | 1 Samsung | 1 Android | 2025-09-11 | N/A | 5.1 MEDIUM |
| Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management. | |||||
| CVE-2023-21483 | 1 Samsung | 1 Galaxy Store | 2025-09-09 | N/A | 6.4 MEDIUM |
| Improper Access Control vulnerability in Galaxy Store prior to version 4.5.53.6 allows local attacker to access protected data using exported service. | |||||
| CVE-2025-21036 | 1 Samsung | 1 Notes | 2025-09-09 | N/A | 5.0 MEDIUM |
| Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User interaction is required for triggering this vulnerability. | |||||
| CVE-2025-21037 | 1 Samsung | 1 Notes | 2025-09-09 | N/A | 4.1 MEDIUM |
| Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerability. | |||||
| CVE-2023-21466 | 1 Samsung | 1 Android | 2025-09-08 | N/A | 5.3 MEDIUM |
| PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission. | |||||
| CVE-2023-21467 | 1 Samsung | 1 Exynos | 2025-09-08 | N/A | 4.6 MEDIUM |
| Error in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1 allows incorrect handling of unencrypted message. | |||||
| CVE-2025-32098 | 2 Microsoft, Samsung | 2 Windows, Magician | 2025-09-05 | N/A | 5.3 MEDIUM |
| An issue was discovered in Samsung Magician 6.3 through 8.3 on Windows. An attacker can achieve Elevation of Privileges to SYSTEM by exploiting insecure file delete operations during the update process. | |||||
| CVE-2025-32100 | 1 Samsung | 38 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 35 more | 2025-09-05 | N/A | 6.5 MEDIUM |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A programming mistake for buffer copy leads to out-of-bounds writes via malformed ROHC packets. | |||||
| CVE-2025-21038 | 1 Samsung | 1 Sassistant | 2025-09-05 | N/A | 5.1 MEDIUM |
| Improper verification of intent by SamsungExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information. | |||||
| CVE-2025-21039 | 1 Samsung | 1 Sassistant | 2025-09-05 | N/A | 5.1 MEDIUM |
| Improper verification of intent by SystemExceptionalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information. | |||||
| CVE-2023-21471 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows attackers to read arbitrary files with system permission. | |||||
| CVE-2023-21472 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 6.8 MEDIUM |
| Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader. | |||||
| CVE-2023-21473 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 6.8 MEDIUM |
| Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader. | |||||
| CVE-2023-21475 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 8.0 HIGH |
| Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-21476 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 8.0 HIGH |
| Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2025-21040 | 1 Samsung | 1 Sassistant | 2025-09-05 | N/A | 5.1 MEDIUM |
| Improper verification of intent by ExternalBroadcastReceiver in S Assistant prior to version 9.3.2 allows local attackers to modify itinerary information. | |||||
| CVE-2025-21031 | 1 Samsung | 1 Android | 2025-09-05 | N/A | 6.8 MEDIUM |
| Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs. | |||||
| CVE-2024-29152 | 1 Samsung | 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more | 2025-08-27 | N/A | 5.9 MEDIUM |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, and Exynos Modem 5300. The baseband software does not properly check states specified by the RRC (Radio Resource Control) Reconfiguration message. This can lead to disclosure of sensitive information. | |||||
| CVE-2024-27372 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-08-27 | N/A | 6.7 MEDIUM |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->infrastructure_ssid_len coming from userspace, which can lead to a heap overwrite. | |||||