Filtered by vendor Samsung
Subscribe
Total
1008 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25416 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2021-06-16 | 2.1 LOW | 6.5 MEDIUM |
| Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area. | |||||
| CVE-2021-25425 | 1 Samsung | 1 Health | 2021-06-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component. | |||||
| CVE-2021-25418 | 1 Samsung | 1 Internet | 2021-06-16 | 4.4 MEDIUM | 7.8 HIGH |
| Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition. | |||||
| CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2021-06-16 | 4.6 MEDIUM | 7.8 HIGH |
| A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25415 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2021-06-16 | 2.1 LOW | 5.5 MEDIUM |
| Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable. | |||||
| CVE-2021-25398 | 1 Samsung | 1 Bixby Voice | 2021-06-16 | 2.1 LOW | 3.3 LOW |
| Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts. | |||||
| CVE-2021-25396 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2021-06-16 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-3438 | 2 Hp, Samsung | 382 Color Laser 150 4zb94a, Color Laser 150 4zb95a, Color Laser Mfp 170 4zb96a and 379 more | 2021-06-08 | 4.6 MEDIUM | 7.8 HIGH |
| A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege. | |||||
| CVE-2021-25379 | 1 Samsung | 1 Gallery | 2021-04-23 | 2.1 LOW | 3.3 LOW |
| Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action. | |||||
| CVE-2021-25376 | 1 Samsung | 1 Email | 2021-04-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed. | |||||
| CVE-2021-25375 | 1 Samsung | 1 Email | 2021-04-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment. | |||||
| CVE-2021-25377 | 2 Google, Samsung | 2 Android, Experience Service | 2021-04-21 | 4.6 MEDIUM | 7.8 HIGH |
| Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action. | |||||
| CVE-2021-25381 | 2 Google, Samsung | 2 Android, Account | 2021-04-19 | 4.6 MEDIUM | 7.8 HIGH |
| Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25371 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2021-04-01 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. | |||||
| CVE-2021-25372 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2021-04-01 | 7.2 HIGH | 6.7 MEDIUM |
| An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | |||||
| CVE-2021-25353 | 1 Samsung | 1 Galaxy Themes | 2021-04-01 | 3.6 LOW | 7.1 HIGH |
| Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25350 | 2 Google, Samsung | 2 Android, Account | 2021-03-30 | 2.1 LOW | 3.9 LOW |
| Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. | |||||
| CVE-2021-25355 | 1 Samsung | 1 Notes | 2021-03-30 | 4.6 MEDIUM | 7.8 HIGH |
| Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25368 | 1 Samsung | 1 Cloud | 2021-03-30 | 5.0 MEDIUM | 7.5 HIGH |
| Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed. | |||||
| CVE-2021-25367 | 1 Samsung | 1 Notes | 2021-03-30 | 5.5 MEDIUM | 5.4 MEDIUM |
| Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. | |||||