Filtered by vendor Samsung Mobile
Subscriptions
Total
49 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20999 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2025-07-14 | 4.1 Medium |
| Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password. | ||||
| CVE-2025-20982 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2025-07-14 | 6.4 Medium |
| Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | ||||
| CVE-2025-21001 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2025-07-14 | 6.2 Medium |
| Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast. | ||||
| CVE-2024-34681 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2025-07-12 | 6.6 Medium |
| Improper input validation in BluetoothAdapter prior to SMR Nov-2024 Release 1 allows local attackers to cause local permanent denial of service on Galaxy Watch. | ||||
| CVE-2025-21004 | 2 Samsung, Samsung Mobile | 2 Galaxy Watch, Samsung Mobile Devices | 2025-07-08 | 6.2 Medium |
| Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device. | ||||
| CVE-2025-20991 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2025-06-04 | 4 Medium |
| Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable. | ||||
| CVE-2024-20832 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2025-04-16 | 6.4 Medium |
| Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code. | ||||
| CVE-2025-20945 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2025-04-08 | 4 Medium |
| Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch. | ||||
| CVE-2024-27379 | 2 Samsung, Samsung Mobile | 11 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 8 more | 2025-03-29 | 6.7 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->num_intf_addr_present coming from userspace, which can lead to a heap overwrite. | ||||
| CVE-2024-27377 | 2 Samsung, Samsung Mobile | 11 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 8 more | 2025-03-28 | 6.7 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_get_security_info_nl(), there is no input validation check on sec_info->key_info.body.pmk_info.pmk_len coming from userspace, which can lead to a heap overwrite. | ||||
| CVE-2024-27374 | 2 Samsung, Samsung Mobile | 11 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 8 more | 2025-02-13 | 6.7 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_publish_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite. | ||||
| CVE-2024-20858 | 2 Samsung, Samsung Mobile | 2 Android, Cocktailbarservice | 2025-02-10 | 4 Medium |
| Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application. | ||||
| CVE-2024-20844 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2025-02-07 | 8.4 High |
| Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2025-20906 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2025-02-04 | 5.5 Medium |
| Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB. | ||||
| CVE-2024-49420 | 1 Samsung Mobile | 1 Gaming Hub | 2024-12-03 | 7.5 High |
| Improper handling of responses in GamingHub prior to version 6.1.04.6 in Korea, 7.1.03.7 in Global allows remote attackers to launch arbitrary activity. | ||||
| CVE-2023-30702 | 2 Samsung, Samsung Mobile | 12 Galaxy Book2 Go, Galaxy Book2 Go Firmware, Galaxy Book2 Pro 360 and 9 more | 2024-11-21 | 6.7 Medium |
| Stack overflow vulnerability in SSHDCPAPP TA prior to "SAMSUNG ELECTONICS, CO, LTD. - System Hardware Update - 7/13/2023" in Windows Update for Galaxy book Go, Galaxy book Go 5G, Galaxy book2 Go and Galaxy book2 Pro 360 allows local attacker to execute arbitrary code. | ||||
| CVE-2023-30693 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-11-21 | 6.7 Medium |
| Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2023-30689 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-11-21 | 6.7 Medium |
| Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2023-30688 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-11-21 | 6.7 Medium |
| Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2023-30687 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2024-11-21 | 6.7 Medium |
| Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code. | ||||