Filtered by vendor Samsung
Subscriptions
Total
969 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-15582 | 2 Google, Samsung | 2 Android, Exynos 7885 | 2021-07-21 | 5.5 Medium |
| An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 7885 chipsets) software. The Bluetooth Low Energy (BLE) component has a buffer overflow with a resultant deadlock or crash. The Samsung ID is SVE-2020-16870 (July 2020). | ||||
| CVE-2020-25052 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2021-07-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. H-Arx allows attackers to execute arbitrary code or cause a denial of service (memory corruption) because indexes are mishandled. The Samsung ID is SVE-2020-17426 (August 2020). | ||||
| CVE-2020-25054 | 1 Samsung | 1 Exynos | 2021-07-21 | 9.1 Critical |
| An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020). | ||||
| CVE-2019-17668 | 1 Samsung | 4 Galaxy S10, Galaxy S10 Firmware, Note 10 and 1 more | 2021-07-21 | 6.8 Medium |
| Samsung Galaxy S10 and Note10 devices allow unlock operations via unregistered fingerprints in certain situations involving a third-party screen protector. | ||||
| CVE-2019-20564 | 1 Samsung | 2 Note9, S9 | 2021-07-21 | 7.5 High |
| An issue was discovered on Samsung mobile devices with any (before October 2019 for S9 or Note9) software. Attackers can manipulate the IMEI. The Samsung ID is SVE-2019-15435 (October 2019). | ||||
| CVE-2021-25441 | 2 Google, Samsung | 2 Android, Ar Emoji Editor | 2021-07-12 | 7.8 High |
| Improper input validation vulnerability in AR Emoji Editor prior to version 4.4.03.5 in Android Q(10.0) and above allows untrusted applications to access arbitrary files with an escalated privilege. | ||||
| CVE-2021-25432 | 2 Google, Samsung | 2 Android, Samsung Members | 2021-07-12 | 3.3 Low |
| Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to access chat data. | ||||
| CVE-2021-25442 | 1 Samsung | 1 Knox Cloud Services | 2021-07-12 | 7.5 High |
| Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication. | ||||
| CVE-2021-25419 | 1 Samsung | 1 Internet | 2021-06-21 | 6.5 Medium |
| Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link. | ||||
| CVE-2021-25404 | 1 Samsung | 2 Smartthings, Smartthings Firmware | 2021-06-21 | 3.3 Low |
| Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log. | ||||
| CVE-2021-25402 | 1 Samsung | 1 Notes | 2021-06-21 | 3.3 Low |
| Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information. | ||||
| CVE-2021-25406 | 1 Samsung | 1 Gear S | 2021-06-17 | 6.5 Medium |
| Information exposure vulnerability in Gear S Plugin prior to version 2.2.05.20122441 allows unstrusted applications to access connected BT device information. | ||||
| CVE-2021-25420 | 1 Samsung | 1 Galaxy Watch Plugin | 2021-06-17 | 5.5 Medium |
| Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log. | ||||
| CVE-2021-25421 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2021-06-17 | 5.5 Medium |
| Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log. | ||||
| CVE-2021-25422 | 1 Samsung | 1 Watch Active Plugin | 2021-06-17 | 5.5 Medium |
| Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log. | ||||
| CVE-2021-25423 | 1 Samsung | 1 Watch Active2 Plugin | 2021-06-17 | 5.5 Medium |
| Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log. | ||||
| CVE-2021-25424 | 1 Samsung | 18 Galaxy Watch, Galaxy Watch 3, Galaxy Watch 3 Firmware and 15 more | 2021-06-17 | 8.8 High |
| Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness. | ||||
| CVE-2021-25416 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2021-06-16 | 6.5 Medium |
| Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area. | ||||
| CVE-2021-25425 | 1 Samsung | 1 Health | 2021-06-16 | 5.3 Medium |
| Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component. | ||||
| CVE-2021-25418 | 1 Samsung | 1 Internet | 2021-06-16 | 7.8 High |
| Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition. | ||||