Internet
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-58485 | 0.00 | — | 0.00 | Dec 2, 2025 | Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script. | |||
| CVE-2025-20995 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to read and write arbitrary files. | |||
| CVE-2025-20994 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to access read and write arbitrary files. |
- CVE-2025-58485Dec 2, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script.
- CVE-2025-20995Jun 4, 2025risk 0.00cvss —epss 0.00
Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to read and write arbitrary files.
- CVE-2025-20994Jun 4, 2025risk 0.00cvss —epss 0.00
Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to access read and write arbitrary files.