Samsung Notes
CVEs (63)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-25405 | Med | 0.36 | 5.5 | 0.00 | Jun 11, 2021 | An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files. | ||
| CVE-2021-25355 | Med | 0.36 | 5.5 | 0.00 | Mar 25, 2021 | Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | ||
| CVE-2025-20924 | Med | 0.30 | 4.6 | 0.00 | Mar 6, 2025 | Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles. | ||
| CVE-2024-20868 | Med | 0.29 | 4.4 | 0.00 | May 7, 2024 | Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions. | ||
| CVE-2025-20950 | Med | 0.26 | 4.0 | 0.00 | Apr 8, 2025 | Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information. | ||
| CVE-2024-34658 | Med | 0.26 | 4.0 | 0.00 | Sep 4, 2024 | Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR. | ||
| CVE-2024-34635 | Med | 0.26 | 4.0 | 0.00 | Aug 7, 2024 | Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. | ||
| CVE-2024-34634 | Med | 0.26 | 4.0 | 0.00 | Aug 7, 2024 | Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. | ||
| CVE-2024-34633 | Med | 0.26 | 4.0 | 0.00 | Aug 7, 2024 | Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. | ||
| CVE-2024-34632 | Med | 0.26 | 4.0 | 0.00 | Aug 7, 2024 | Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. | ||
| CVE-2021-25494 | Med | 0.26 | 4.0 | 0.00 | Oct 6, 2021 | A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. | ||
| CVE-2021-25493 | Med | 0.26 | 4.0 | 0.00 | Oct 6, 2021 | Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read | ||
| CVE-2021-25367 | Low | 0.24 | 3.7 | 0.01 | Mar 25, 2021 | Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. | ||
| CVE-2025-20977 | Low | 0.21 | 3.3 | 0.00 | May 7, 2025 | Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability. | ||
| CVE-2021-25402 | Low | 0.21 | 3.3 | 0.00 | Jun 11, 2021 | Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information. | ||
| CVE-2025-21070 | 0.00 | — | 0.00 | Oct 10, 2025 | Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory. | |||
| CVE-2025-21069 | 0.00 | — | 0.00 | Oct 10, 2025 | Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory. | |||
| CVE-2025-21068 | 0.00 | — | 0.00 | Oct 10, 2025 | Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory. | |||
| CVE-2025-21067 | 0.00 | — | 0.00 | Oct 10, 2025 | Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory. | |||
| CVE-2025-21066 | 0.00 | — | 0.00 | Oct 10, 2025 | Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory. |
- risk 0.36cvss 5.5epss 0.00
An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.
- risk 0.36cvss 5.5epss 0.00
Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
- risk 0.30cvss 4.6epss 0.00
Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles.
- risk 0.29cvss 4.4epss 0.00
Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions.
- risk 0.26cvss 4.0epss 0.00
Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information.
- risk 0.26cvss 4.0epss 0.00
Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR.
- risk 0.26cvss 4.0epss 0.00
Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.
- risk 0.26cvss 4.0epss 0.00
Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.
- risk 0.26cvss 4.0epss 0.00
Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.
- risk 0.26cvss 4.0epss 0.00
Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.
- risk 0.26cvss 4.0epss 0.00
A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.
- risk 0.26cvss 4.0epss 0.00
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read
- risk 0.24cvss 3.7epss 0.01
Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.
- risk 0.21cvss 3.3epss 0.00
Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.
- risk 0.21cvss 3.3epss 0.00
Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information.
- CVE-2025-21070Oct 10, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory.
- CVE-2025-21069Oct 10, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
- CVE-2025-21068Oct 10, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
- CVE-2025-21067Oct 10, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
- CVE-2025-21066Oct 10, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
Page 3 of 4