Filtered by vendor Samsung Subscriptions
Total 1110 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-25376 1 Samsung 1 Email 2024-11-21 3.1 Low
An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed.
CVE-2021-25375 1 Samsung 1 Email 2024-11-21 6.5 Medium
Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment.
CVE-2021-25374 2 Google, Samsung 2 Android, Members 2024-11-21 8.6 High
An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.
CVE-2021-25373 2 Google, Samsung 2 Android, Customization Service 2024-11-21 5.5 Medium
Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
CVE-2021-25372 2 Google, Samsung 4 Android, Exynos 2100, Exynos 980 and 1 more 2024-11-21 6.1 Medium
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.
CVE-2021-25371 2 Google, Samsung 4 Android, Exynos 2100, Exynos 980 and 1 more 2024-11-21 6.1 Medium
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.
CVE-2021-25368 1 Samsung 1 Cloud 2024-11-21 3.3 Low
Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed.
CVE-2021-25367 1 Samsung 1 Notes 2024-11-21 3.7 Low
Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.
CVE-2021-25366 1 Samsung 1 Internet 2024-11-21 3.2 Low
Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.
CVE-2021-25355 1 Samsung 1 Notes 2024-11-21 5.5 Medium
Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
CVE-2021-25354 1 Samsung 1 Internet 2024-11-21 3.3 Low
Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.
CVE-2021-25353 1 Samsung 1 Galaxy Themes 2024-11-21 5.5 Medium
Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent.
CVE-2021-25352 1 Samsung 1 Bixby Voice 2024-11-21 5.5 Medium
Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent.
CVE-2021-25351 2 Google, Samsung 2 Android, Account 2024-11-21 3.2 Low
Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.
CVE-2021-25350 2 Google, Samsung 2 Android, Account 2024-11-21 2 Low
Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log.
CVE-2021-25349 2 Google, Samsung 2 Android, Slow Motion Editor 2024-11-21 5.5 Medium
Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
CVE-2021-25348 1 Samsung 1 Internet 2024-11-21 2.1 Low
Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.
CVE-2021-25345 2 Google, Samsung 2 Android, Exynos 2024-11-21 4 Medium
Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format.
CVE-2021-25343 2 Google, Samsung 2 Android, Members 2024-11-21 4 Medium
Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider.
CVE-2021-25342 2 Google, Samsung 2 Android, Members 2024-11-21 4 Medium
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.