Filtered by vendor Samsung
Subscribe
Total
1188 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21492 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 4.4 MEDIUM |
| Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | |||||
| CVE-2023-29091 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-06 | N/A | 6.8 MEDIUM |
| An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP URI. | |||||
| CVE-2023-29092 | 1 Samsung | 8 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 5 more | 2025-01-28 | N/A | 3.1 LOW |
| An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface. | |||||
| CVE-2023-31116 | 1 Samsung | 4 Exynos 5123, Exynos 5123 Firmware, Exynos 5300 and 1 more | 2025-01-07 | N/A | 9.8 CRITICAL |
| An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An incorrect default permission can cause unintended querying of RCS capability via a crafted application. | |||||
| CVE-2023-31115 | 1 Samsung | 4 Exynos 5123, Exynos 5123 Firmware, Exynos 5300 and 1 more | 2025-01-07 | N/A | 7.5 HIGH |
| An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause changes to the activation mode of RCS via a crafted application. | |||||
| CVE-2023-31114 | 1 Samsung | 4 Exynos 5123, Exynos 5123 Firmware, Exynos 5300 and 1 more | 2025-01-07 | N/A | 9.1 CRITICAL |
| An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application. | |||||
| CVE-2024-34601 | 1 Samsung | 1 Galaxy Store | 2025-01-03 | N/A | 5.9 MEDIUM |
| Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore. | |||||
| CVE-2024-20839 | 2 Google, Samsung | 2 Android, Voice Recorder | 2024-12-23 | N/A | 4.6 MEDIUM |
| Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers to access recording files on the lock screen. | |||||
| CVE-2024-20838 | 1 Samsung | 1 Internet | 2024-12-23 | N/A | 6.8 MEDIUM |
| Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitrary code. | |||||
| CVE-2024-20837 | 1 Samsung | 1 Internet | 2024-12-23 | N/A | 5.3 MEDIUM |
| Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction. | |||||
| CVE-2023-21513 | 1 Samsung | 1 Android | 2024-12-05 | N/A | 6.1 MEDIUM |
| Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition. | |||||
| CVE-2024-34603 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
| Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data. | |||||
| CVE-2024-34602 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
| Use of implicit intent for sensitive communication in Samsung Messages prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34600 | 1 Samsung | 1 Flow | 2024-11-21 | N/A | 4.4 MEDIUM |
| Improper verification of intent by broadcast receiver vulnerability in Samsung Flow prior to version 4.9.13.0 allows local attackers to copy image files to external storage. | |||||
| CVE-2024-34599 | 2 Google, Samsung | 2 Android, Tips | 2024-11-21 | N/A | 4.0 MEDIUM |
| Improper input validation in Tips prior to version 6.2.9.4 in Android 14 allows local attacker to send broadcast with Tips' privilege. | |||||
| CVE-2024-34597 | 1 Samsung | 1 Health | 2024-11-21 | N/A | 4.4 MEDIUM |
| Improper input validation in Samsung Health prior to version 6.27.0.113 allows local attackers to write arbitrary document files to the sandbox of Samsung Health. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-34596 | 1 Samsung | 1 Smartthings | 2024-11-21 | N/A | 5.9 MEDIUM |
| Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner. | |||||
| CVE-2024-34595 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2024-34594 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| Exposure of sensitive information in proc file system prior to SMR Jul-2024 Release 1 allows local attackers to read kernel memory address. | |||||
| CVE-2024-34593 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
| Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability. | |||||