Filtered by vendor Samsung
Subscriptions
Total
1083 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-25341 | 1 Samsung | 1 S Assistant | 2024-08-03 | 4 Medium |
Calling of non-existent provider in S Assistant prior to version 6.5.01.22 allows unauthorized actions including denial of service attack by hijacking the provider. | ||||
CVE-2021-25351 | 2 Google, Samsung | 2 Android, Account | 2024-08-03 | 3.2 Low |
Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password. | ||||
CVE-2021-25372 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-08-03 | 6.1 Medium |
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | ||||
CVE-2021-25353 | 1 Samsung | 1 Galaxy Themes | 2024-08-03 | 5.5 Medium |
Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent. | ||||
CVE-2021-25343 | 2 Google, Samsung | 2 Android, Members | 2024-08-03 | 4 Medium |
Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider. | ||||
CVE-2021-25355 | 1 Samsung | 1 Notes | 2024-08-03 | 5.5 Medium |
Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | ||||
CVE-2021-25349 | 2 Google, Samsung | 2 Android, Slow Motion Editor | 2024-08-03 | 5.5 Medium |
Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | ||||
CVE-2021-25367 | 1 Samsung | 1 Notes | 2024-08-03 | 3.7 Low |
Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. | ||||
CVE-2021-25371 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-08-03 | 6.1 Medium |
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. | ||||
CVE-2021-25342 | 2 Google, Samsung | 2 Android, Members | 2024-08-03 | 4 Medium |
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider. | ||||
CVE-2021-25332 | 1 Samsung | 1 Pay Mini | 2024-08-03 | 3.2 Low |
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition. | ||||
CVE-2021-25331 | 1 Samsung | 1 Pay Mini | 2024-08-03 | 3.2 Low |
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen in specific condition. | ||||
CVE-2021-25339 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2024-08-03 | 4.4 Medium |
Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory. | ||||
CVE-2021-25345 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 4 Medium |
Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format. | ||||
CVE-2021-22684 | 1 Samsung | 1 Tizenrt | 2024-08-03 | 7.5 High |
Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash | ||||
CVE-2021-22495 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 5.5 Medium |
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. The Mali GPU driver allows out-of-bounds access and a device reset. The Samsung ID is SVE-2020-19174 (January 2021). | ||||
CVE-2021-22494 | 2 Google, Samsung | 2 Android, Galaxy Note 20 | 2024-08-03 | 5.5 Medium |
An issue was discovered in the fingerprint scanner on Samsung Note20 mobile devices with Q(10.0) software. When a screen protector is used, the required image compensation is not present. Consequently, inversion can occur during fingerprint enrollment, and a high False Recognition Rate (FRR) can occur. The Samsung ID is SVE-2020-19216 (January 2021). | ||||
CVE-2021-3438 | 2 Hp, Samsung | 382 Color Laser 150 4zb94a, Color Laser 150 4zb95a, Color Laser Mfp 170 4zb96a and 379 more | 2024-08-03 | 7.8 High |
A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege. | ||||
CVE-2022-44636 | 1 Samsung | 30 T-ksu2eakuc, T-ksu2eakuc Firmware, T-ksu2edeuc and 27 more | 2024-08-03 | 4.6 Medium |
The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models. | ||||
CVE-2022-40762 | 1 Samsung | 1 Mtower | 2024-08-03 | 7.5 High |
A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len. |