Internet
CVEs (30)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-25521 | Med | 0.26 | 4.0 | 0.00 | Dec 8, 2021 | Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet. | ||
| CVE-2023-30704 | Low | 0.25 | 3.8 | 0.00 | Aug 10, 2023 | Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication. | ||
| CVE-2024-34671 | Low | 0.21 | 3.3 | 0.00 | Oct 8, 2024 | Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability. | ||
| CVE-2022-36835 | Low | 0.21 | 3.3 | 0.00 | Aug 5, 2022 | Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files. | ||
| CVE-2022-27839 | Low | 0.21 | 3.3 | 0.01 | Apr 11, 2022 | Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials. | ||
| CVE-2021-25366 | Low | 0.21 | 3.2 | 0.00 | Mar 25, 2021 | Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication. | ||
| CVE-2021-25354 | Low | 0.21 | 3.3 | 0.00 | Mar 25, 2021 | Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink. | ||
| CVE-2024-20828 | Low | 0.16 | 2.4 | 0.00 | Feb 6, 2024 | Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication. | ||
| CVE-2021-25348 | Low | 0.14 | 2.1 | 0.00 | Mar 4, 2021 | Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission. | ||
| CVE-2025-58485 | 0.00 | — | 0.00 | Dec 2, 2025 | Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script. |
- risk 0.26cvss 4.0epss 0.00
Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.
- risk 0.25cvss 3.8epss 0.00
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.
- risk 0.21cvss 3.3epss 0.00
Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.
- risk 0.21cvss 3.3epss 0.00
Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files.
- risk 0.21cvss 3.3epss 0.01
Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials.
- risk 0.21cvss 3.2epss 0.00
Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.
- risk 0.21cvss 3.3epss 0.00
Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.
- risk 0.16cvss 2.4epss 0.00
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication.
- risk 0.14cvss 2.1epss 0.00
Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.
- CVE-2025-58485Dec 2, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script.
Page 2 of 2