Filtered by vendor Samsung
Subscriptions
Total
969 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2021-06-16 | 7.8 High |
| A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-25415 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2021-06-16 | 5.5 Medium |
| Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable. | ||||
| CVE-2021-25398 | 1 Samsung | 1 Bixby Voice | 2021-06-16 | 3.3 Low |
| Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts. | ||||
| CVE-2021-25396 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2021-06-16 | 6.7 Medium |
| An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-3438 | 2 Hp, Samsung | 382 Color Laser 150 4zb94a, Color Laser 150 4zb95a, Color Laser Mfp 170 4zb96a and 379 more | 2021-06-08 | 7.8 High |
| A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege. | ||||
| CVE-2021-25379 | 1 Samsung | 1 Gallery | 2021-04-23 | 3.3 Low |
| Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action. | ||||
| CVE-2021-25376 | 1 Samsung | 1 Email | 2021-04-23 | 5.3 Medium |
| An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed. | ||||
| CVE-2021-25375 | 1 Samsung | 1 Email | 2021-04-23 | 6.5 Medium |
| Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment. | ||||
| CVE-2021-25377 | 2 Google, Samsung | 2 Android, Experience Service | 2021-04-21 | 7.8 High |
| Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action. | ||||
| CVE-2021-25381 | 2 Google, Samsung | 2 Android, Account | 2021-04-19 | 7.8 High |
| Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | ||||
| CVE-2021-25371 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2021-04-01 | 6.7 Medium |
| A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. | ||||
| CVE-2021-25372 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2021-04-01 | 6.7 Medium |
| An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | ||||
| CVE-2021-25353 | 1 Samsung | 1 Galaxy Themes | 2021-04-01 | 7.1 High |
| Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent. | ||||
| CVE-2021-25350 | 2 Google, Samsung | 2 Android, Account | 2021-03-30 | 3.9 Low |
| Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. | ||||
| CVE-2021-25355 | 1 Samsung | 1 Notes | 2021-03-30 | 7.8 High |
| Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | ||||
| CVE-2021-25368 | 1 Samsung | 1 Cloud | 2021-03-30 | 7.5 High |
| Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed. | ||||
| CVE-2021-25367 | 1 Samsung | 1 Notes | 2021-03-30 | 5.4 Medium |
| Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. | ||||
| CVE-2021-25345 | 2 Google, Samsung | 2 Android, Exynos | 2021-03-11 | 5.5 Medium |
| Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format. | ||||
| CVE-2021-25339 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2021-03-11 | 5.2 Medium |
| Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory. | ||||
| CVE-2021-25333 | 1 Samsung | 1 Pay Mini | 2021-03-11 | 2.4 Low |
| Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code. | ||||