Filtered by vendor Samsung
Subscriptions
Total
1083 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-25442 | 1 Samsung | 1 Knox Cloud Services | 2024-08-03 | 7.5 High |
Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication. | ||||
CVE-2021-25368 | 1 Samsung | 1 Cloud | 2024-08-03 | 3.3 Low |
Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed. | ||||
CVE-2021-25440 | 1 Samsung | 1 Factorycamerafb | 2024-08-03 | 7.8 High |
Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege. | ||||
CVE-2021-25416 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2024-08-03 | 6.5 Medium |
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area. | ||||
CVE-2021-25378 | 1 Samsung | 1 Smartthings | 2024-08-03 | 4.3 Medium |
Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service. | ||||
CVE-2021-25431 | 2 Google, Samsung | 2 Android, Cameralyzer | 2024-08-03 | 5.5 Medium |
Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows untrusted applications to access some functions of Cameralyzer. | ||||
CVE-2021-25423 | 1 Samsung | 1 Watch Active2 Plugin | 2024-08-03 | 5.5 Medium |
Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log. | ||||
CVE-2021-25463 | 1 Samsung | 1 Penup | 2024-08-03 | 4 Medium |
Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview. | ||||
CVE-2021-25366 | 1 Samsung | 1 Internet | 2024-08-03 | 3.2 Low |
Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication. | ||||
CVE-2021-25498 | 1 Samsung | 1 Notes | 2024-08-03 | 7.3 High |
A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | ||||
CVE-2021-25493 | 1 Samsung | 1 Notes | 2024-08-03 | 4 Medium |
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read | ||||
CVE-2021-25420 | 1 Samsung | 1 Galaxy Watch Plugin | 2024-08-03 | 5.5 Medium |
Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log. | ||||
CVE-2021-25470 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 7.9 High |
An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE. | ||||
CVE-2021-25377 | 2 Google, Samsung | 2 Android, Experience Service | 2024-08-03 | 3.3 Low |
Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action. | ||||
CVE-2021-25491 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 2.3 Low |
A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference. | ||||
CVE-2021-25350 | 2 Google, Samsung | 2 Android, Account | 2024-08-03 | 2 Low |
Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. | ||||
CVE-2021-25402 | 1 Samsung | 1 Notes | 2024-08-03 | 3.3 Low |
Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information. | ||||
CVE-2021-25398 | 1 Samsung | 1 Bixby Voice | 2024-08-03 | 3.3 Low |
Intent redirection vulnerability in Bixby Voice prior to version 3.1.12 allows attacker to access contacts. | ||||
CVE-2021-25407 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-08-03 | 7.8 High |
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. | ||||
CVE-2021-25374 | 2 Google, Samsung | 2 Android, Members | 2024-08-03 | 8.6 High |
An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. |