Filtered by vendor Samsung
Subscribe
Total
1188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-44068 | 1 Samsung | 12 Exynos 850, Exynos 850 Firmware, Exynos 980 and 9 more | 2025-06-17 | N/A | 8.1 HIGH |
| An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850,and W920. A Use-After-Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2024-45184 | 1 Samsung | 36 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 33 more | 2025-06-17 | N/A | 6.2 MEDIUM |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with chipset Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, and Modem 5300. A USAT out-of-bounds write due to a heap buffer overflow can lead to a Denial of Service. | |||||
| CVE-2025-23105 | 1 Samsung | 6 Exynos 1480, Exynos 1480 Firmware, Exynos 2200 and 3 more | 2025-06-13 | N/A | 7.8 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2025-23099 | 1 Samsung | 4 Exynos 1480, Exynos 1480 Firmware, Exynos 2400 and 1 more | 2025-06-13 | N/A | 9.1 CRITICAL |
| An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes. | |||||
| CVE-2025-23104 | 1 Samsung | 2 Exynos 2200, Exynos 2200 Firmware | 2025-06-13 | N/A | 6.5 MEDIUM |
| An issue was discovered in Samsung Mobile Processor Exynos 2200. A Use-After-Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2025-32407 | 1 Samsung | 1 Internet | 2025-06-12 | N/A | 5.9 MEDIUM |
| Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser validates the identity of the server. It negates the use of HTTPS as a secure channel, allowing for Man-in-the-Middle attacks, stealing sensitive information or modifying incoming and outgoing traffic. NOTE: This vulnerability is in an end-of-life product that is no longer maintained by the vendor. | |||||
| CVE-2025-23095 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1380 and 7 more | 2025-06-11 | N/A | 6.5 MEDIUM |
| An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2025-23096 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1380 and 7 more | 2025-06-11 | N/A | 6.5 MEDIUM |
| An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2025-23101 | 1 Samsung | 2 Exynos 1380, Exynos 1380 Firmware | 2025-06-11 | N/A | 6.5 MEDIUM |
| An issue was discovered in Samsung Mobile Processor Exynos 1380. A Use-After-Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2025-23106 | 1 Samsung | 6 Exynos 1480, Exynos 1480 Firmware, Exynos 2200 and 3 more | 2025-06-11 | N/A | 6.5 MEDIUM |
| An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2025-23102 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-06-10 | N/A | 8.8 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380, 1480 and 2400. A Double Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2025-23103 | 1 Samsung | 4 Exynos 1480, Exynos 1480 Firmware, Exynos 2400 and 1 more | 2025-06-06 | N/A | 8.6 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes. | |||||
| CVE-2025-23107 | 1 Samsung | 4 Exynos 1480, Exynos 1480 Firmware, Exynos 2400 and 1 more | 2025-06-06 | N/A | 8.6 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes. | |||||
| CVE-2025-23097 | 1 Samsung | 2 Exynos 1380, Exynos 1380 Firmware | 2025-06-06 | N/A | 9.1 CRITICAL |
| An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads to out-of-bounds writes. | |||||
| CVE-2025-23100 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1380 and 7 more | 2025-06-06 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. The absence of a NULL check leads to a Denial of Service. | |||||
| CVE-2025-23098 | 1 Samsung | 14 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 11 more | 2025-06-06 | N/A | 7.8 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380. A Use-After-Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2024-31952 | 2 Apple, Samsung | 2 Macos, Magician | 2025-06-03 | N/A | 6.7 MEDIUM |
| An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.) | |||||
| CVE-2024-36071 | 2 Microsoft, Samsung | 2 Windows, Magician | 2025-06-03 | N/A | 6.3 MEDIUM |
| Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path. | |||||
| CVE-2024-31953 | 2 Apple, Samsung | 2 Macos, Magician | 2025-06-03 | N/A | 6.7 MEDIUM |
| An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.) | |||||
| CVE-2024-53921 | 2 Microsoft, Samsung | 2 Windows, Magician | 2025-06-03 | N/A | 2.8 LOW |
| An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process. | |||||