VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2025-21043KEVSep 12, 2025
    risk 0.12cvss epss 0.01

    Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code.

  • CVE-2025-21042KEVSep 12, 2025
    risk 0.12cvss epss 0.12

    Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.

  • CVE-2023-21492KEVMay 4, 2023
    risk 0.12cvss epss 0.03

    Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.

  • CVE-2022-22265KEVJan 7, 2022
    risk 0.12cvss epss 0.00

    An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution.

  • CVE-2021-25489KEVOct 6, 2021
    risk 0.12cvss epss 0.01

    Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.

  • CVE-2021-25487KEVOct 6, 2021
    risk 0.12cvss epss 0.01

    Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.

  • CVE-2021-25394KEVJun 11, 2021
    risk 0.12cvss epss 0.00

    A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.

  • CVE-2021-25395KEVJun 11, 2021
    risk 0.12cvss epss 0.00

    A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised.

  • CVE-2021-25372KEVMar 26, 2021
    risk 0.12cvss epss 0.01

    An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.

  • CVE-2021-25371KEVMar 26, 2021
    risk 0.12cvss epss 0.01

    A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.

  • CVE-2021-25370KEVMar 26, 2021
    risk 0.12cvss epss 0.01

    An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic.

  • CVE-2021-25369KEVMar 26, 2021
    risk 0.12cvss epss 0.01

    An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace.

  • CVE-2021-25337KEVMar 4, 2021
    risk 0.12cvss epss 0.03

    Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files.

  • CVE-2024-49415Dec 3, 2024
    risk 0.01cvss epss 0.01

    Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code.

  • CVE-2023-21517Jun 28, 2023
    risk 0.01cvss epss 0.02

    Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code.

  • CVE-2020-12753May 11, 2020
    risk 0.01cvss epss 0.02

    An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Arbitrary code execution can occur via the bootloader because of an EL1/EL3 coldboot vulnerability involving raw_resources. The LG ID is LVE-SMP-200006 (May 2020).

  • CVE-2026-20992Mar 16, 2026
    risk 0.00cvss epss 0.00

    Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application.

  • CVE-2026-20991Mar 16, 2026
    risk 0.00cvss epss 0.00

    Improper privilege management in ThemeManager prior to SMR Mar-2026 Release 1 allows local privileged attackers to reuse trial contents.

  • CVE-2026-20990Mar 16, 2026
    risk 0.00cvss epss 0.00

    Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege.

  • CVE-2026-20989Mar 16, 2026
    risk 0.00cvss epss 0.00

    Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1 allows physical attackers to use custom font.

Page 1 of 46