VYPR

mobile devices

by Samsung Mobile

CVEs (911)

  • CVE-2023-21468Sep 3, 2025
    risk 0.00cvss epss 0.00

    Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission.

  • CVE-2023-21467Sep 3, 2025
    risk 0.00cvss epss 0.00

    Error in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1 allows incorrect handling of unencrypted message.

  • CVE-2023-21466Sep 3, 2025
    risk 0.00cvss epss 0.00

    PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission.

  • CVE-2025-21015Aug 6, 2025
    risk 0.00cvss epss 0.00

    Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege.

  • CVE-2025-21014Aug 6, 2025
    risk 0.00cvss epss 0.00

    Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information.

  • CVE-2025-21010Aug 6, 2025
    risk 0.00cvss epss 0.00

    Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.

  • CVE-2025-20990Aug 6, 2025
    risk 0.00cvss epss 0.00

    Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier.

  • CVE-2025-21004Jul 8, 2025
    risk 0.00cvss epss 0.00

    Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device.

  • CVE-2025-21003Jul 8, 2025
    risk 0.00cvss epss 0.00

    Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information.

  • CVE-2025-21002Jul 8, 2025
    risk 0.00cvss epss 0.00

    Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast.

  • CVE-2025-21001Jul 8, 2025
    risk 0.00cvss epss 0.00

    Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast.

  • CVE-2025-21000Jul 8, 2025
    risk 0.00cvss epss 0.00

    Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth.

  • CVE-2025-20999Jul 8, 2025
    risk 0.00cvss epss 0.00

    Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password.

  • CVE-2025-20998Jul 8, 2025
    risk 0.00cvss epss 0.00

    Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number.

  • CVE-2025-20997Jul 8, 2025
    risk 0.00cvss epss 0.00

    Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch.

  • CVE-2025-20983Jul 8, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

  • CVE-2025-20982Jul 8, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

  • CVE-2025-20993Jun 4, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in libsecimaging.camera.samsung.so prior to SMR Jun-2025 Release 1 allows local attackers to write out-of-bounds memory.

  • CVE-2025-20992Jun 4, 2025
    risk 0.00cvss epss 0.00

    Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local attackers to read out-of-bounds memory.

  • CVE-2025-20991Jun 4, 2025
    risk 0.00cvss epss 0.00

    Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable.

Page 5 of 46