VYPR

Android

by Samsung Mobile

CVEs (43)

  • CVE-2026-21031HigJun 5, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity. User interaction is required for triggering this vulnerability.

  • CVE-2026-21030HigJun 5, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions.

  • CVE-2026-21029HigJun 5, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations.

  • CVE-2026-21020HigMay 13, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions.

  • CVE-2016-4038HigFeb 1, 2017
    risk 0.51cvss 7.8epss 0.00

    Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have…

  • CVE-2015-7891HigAug 2, 2017
    risk 0.49cvss 7.0epss 0.01

    Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598.

  • CVE-2016-4547HigFeb 13, 2017
    risk 0.49cvss 7.5epss 0.01

    Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C.

  • CVE-2026-21021MedMay 13, 2026
    risk 0.44cvss 6.8epss 0.00

    Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity.

  • CVE-2026-21018MedMay 13, 2026
    risk 0.44cvss 6.7epss 0.00

    Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code.

  • CVE-2026-21011MedApr 13, 2026
    risk 0.44cvss 6.8epss 0.00

    Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Extend Unlock.

  • CVE-2026-21009MedApr 13, 2026
    risk 0.44cvss 6.8epss 0.00

    Improper check for exceptional conditions in Recents prior to SMR Apr-2026 Release 1 allows physical attacker to bypass App Pinning.

  • CVE-2026-21007MedApr 13, 2026
    risk 0.44cvss 6.8epss 0.00

    Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Knox Guard.

  • CVE-2026-21003MedApr 13, 2026
    risk 0.44cvss 6.8epss 0.00

    Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions.

  • CVE-2026-21010MedApr 13, 2026
    risk 0.43cvss 6.6epss 0.00

    Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions.

  • CVE-2026-21008MedApr 13, 2026
    risk 0.42cvss 6.5epss 0.00

    Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows adjacent attacker to access sensitive information.

  • CVE-2026-21028MedJun 5, 2026
    risk 0.36cvss 5.5epss 0.00

    Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.

  • CVE-2026-21026MedJun 5, 2026
    risk 0.36cvss 5.5epss 0.00

    Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information.

  • CVE-2026-21025MedJun 5, 2026
    risk 0.36cvss 5.5epss 0.00

    Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.

  • CVE-2026-21017MedJun 5, 2026
    risk 0.36cvss 5.5epss 0.00

    Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files.

  • CVE-2026-21022MedMay 13, 2026
    risk 0.36cvss 5.5epss 0.00

    Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information.

Page 1 of 3