Filtered by vendor Samsung
Subscriptions
Total
1443 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21055 | 1 Samsung | 2 Android, Mobile Devices | 2025-10-23 | 4.3 Medium |
| Out-of-bounds read and write in libimagecodec.quram.so prior to SMR Oct-2025 Release 1 allows remote attackers to access out-of-bounds memory. | ||||
| CVE-2019-16256 | 1 Samsung | 2 Samsung, Samsung Firmware | 2025-10-22 | 9.8 Critical |
| Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker. | ||||
| CVE-2016-1010 | 7 Adobe, Apple, Google and 4 more | 16 Air, Air Desktop Runtime, Air Sdk and 13 more | 2025-10-22 | 8.8 High |
| Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993. | ||||
| CVE-2025-21057 | 1 Samsung | 2 Mobile Devices, Notes | 2025-10-20 | 4 Medium |
| Use of implicit intent for sensitive communication in Samsung Notes prior to version 4.4.30.63 allows local attackers to access shared notes. | ||||
| CVE-2025-21067 | 1 Samsung | 2 Mobile Devices, Notes | 2025-10-20 | 4 Medium |
| Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory. | ||||
| CVE-2025-21070 | 1 Samsung | 2 Mobile Devices, Notes | 2025-10-20 | 4 Medium |
| Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory. | ||||
| CVE-2025-21068 | 1 Samsung | 2 Mobile Devices, Notes | 2025-10-20 | 4 Medium |
| Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory. | ||||
| CVE-2025-21045 | 1 Samsung | 2 Galaxy Watch, Mobile Devices | 2025-10-20 | 4 Medium |
| Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. | ||||
| CVE-2025-21069 | 1 Samsung | 2 Mobile Devices, Notes | 2025-10-20 | 4 Medium |
| Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory. | ||||
| CVE-2025-21066 | 1 Samsung | 2 Mobile Devices, Notes | 2025-10-20 | 4 Medium |
| Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory. | ||||
| CVE-2024-20854 | 2 Google, Samsung | 2 Android, Camera | 2025-10-10 | 5.9 Medium |
| Improper handling of insufficient privileges vulnerability in Samsung Camera prior to versions 12.1.0.31 in Android 12, 13.1.02.07 in Android 13, and 14.0.01.06 in Android 14 allows local attackers to access image data. | ||||
| CVE-2025-20926 | 2 Google, Samsung | 2 Android, Myfiles | 2025-10-03 | 5.5 Medium |
| Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege. | ||||
| CVE-2025-21024 | 2 Google, Samsung | 2 Android, Smart View | 2025-10-02 | 3.3 Low |
| Use of Implicit Intent for Sensitive Communication in Smart View prior to Android 16 allows local attackers to access sensitive information. | ||||
| CVE-2023-21481 | 1 Samsung | 1 Account | 2025-10-01 | 5.4 Medium |
| Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 allows remote attackers to get sensitive information. | ||||
| CVE-2023-21482 | 2 Google, Samsung | 4 Android, Camera, Mobile and 1 more | 2025-10-01 | 6.1 Medium |
| Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard. | ||||
| CVE-2025-21035 | 2 Google, Samsung | 5 Android, Calendar, Mobile and 2 more | 2025-09-29 | 4.6 Medium |
| Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles. | ||||
| CVE-2025-21056 | 1 Samsung | 2 Mobile, Samsung Mobile | 2025-09-26 | 6.6 Medium |
| Improper input validation in Retail Mode prior to version 5.59.4 allows self attackers to execute privileged commands on their own devices. | ||||
| CVE-2024-49421 | 2 Google, Samsung | 2 Android, Quick Share | 2025-09-24 | 4.3 Medium |
| Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location. | ||||
| CVE-2023-21468 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2025-09-19 | 5.9 Medium |
| Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission. | ||||
| CVE-2023-21469 | 2 Google, Samsung | 4 Android, Android, Mobile and 1 more | 2025-09-19 | 4 Medium |
| Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action. | ||||