Filtered by vendor Samsung
Subscriptions
Total
1083 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-25404 | 1 Samsung | 2 Smartthings, Smartthings Firmware | 2024-08-03 | 3.3 Low |
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log. | ||||
CVE-2021-25499 | 1 Samsung | 1 Galaxy Store | 2024-08-03 | 7.1 High |
Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store. | ||||
CVE-2021-25406 | 1 Samsung | 1 Gear S | 2024-08-03 | 6.5 Medium |
Information exposure vulnerability in Gear S Plugin prior to version 2.2.05.20122441 allows unstrusted applications to access connected BT device information. | ||||
CVE-2021-25469 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 6 Medium |
A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. | ||||
CVE-2021-25424 | 1 Samsung | 18 Galaxy Watch, Galaxy Watch 3, Galaxy Watch 3 Firmware and 15 more | 2024-08-03 | 8.8 High |
Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness. | ||||
CVE-2021-25338 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2024-08-03 | 4.4 Medium |
Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region. | ||||
CVE-2021-25396 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-08-03 | 6.7 Medium |
An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. | ||||
CVE-2021-25373 | 2 Google, Samsung | 2 Android, Customization Service | 2024-08-03 | 5.5 Medium |
Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | ||||
CVE-2021-25405 | 1 Samsung | 1 Notes | 2024-08-03 | 5.5 Medium |
An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files. | ||||
CVE-2021-25348 | 1 Samsung | 1 Internet | 2024-08-03 | 2.1 Low |
Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission. | ||||
CVE-2021-25446 | 1 Samsung | 2 Smartthings, Smartthings Firmware | 2024-08-03 | 5.3 Medium |
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview. | ||||
CVE-2021-25380 | 1 Samsung | 1 Bixby | 2024-08-03 | 5.8 Medium |
Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user. | ||||
CVE-2021-25465 | 1 Samsung | 1 Themes | 2024-08-03 | 3.3 Low |
An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack. | ||||
CVE-2021-25352 | 1 Samsung | 1 Bixby Voice | 2024-08-03 | 5.5 Medium |
Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent. | ||||
CVE-2021-25415 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2024-08-03 | 5.5 Medium |
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable. | ||||
CVE-2021-25403 | 2 Google, Samsung | 2 Android, Account | 2024-08-03 | 3.3 Low |
Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component. | ||||
CVE-2021-25375 | 1 Samsung | 1 Email | 2024-08-03 | 6.5 Medium |
Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment. | ||||
CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-08-03 | 7.8 High |
A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | ||||
CVE-2021-25439 | 2 Google, Samsung | 2 Android, Members | 2024-08-03 | 3.3 Low |
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview. | ||||
CVE-2021-25376 | 1 Samsung | 1 Email | 2024-08-03 | 3.1 Low |
An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed. |