Samsung Email
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-21077 | 0.00 | — | 0.00 | Nov 5, 2025 | Improper input validation in Samsung Email prior to version 6.2.06.0 allows local attackers to launch arbitrary activity with Samsung Email privilege. | |||
| CVE-2025-20894 | 0.00 | — | 0.00 | Feb 4, 2025 | Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles. | |||
| CVE-2024-34636 | 0.00 | — | 0.00 | Aug 7, 2024 | Use of implicit intent for sensitive communication in Samsung Email prior to version 6.1.94.2 allows local attackers to get sensitive information. | |||
| CVE-2024-20867 | 0.00 | — | 0.00 | May 7, 2024 | Improper privilege management vulnerability in Samsung Email prior to version 6.1.91.14 allows local attackers to access sensitive information. | |||
| CVE-2024-20807 | 0.00 | — | 0.00 | Jan 4, 2024 | Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows local attacker to get sensitive information. | |||
| CVE-2023-42553 | 0.00 | — | 0.00 | Nov 7, 2023 | Improper authorization verification vulnerability in Samsung Email prior to version 6.1.90.4 allows attackers to read sandbox data of email. | |||
| CVE-2023-30729 | 0.00 | — | 0.00 | Sep 6, 2023 | Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker to intercept the network traffic including sensitive information. | |||
| CVE-2022-36864 | 0.00 | — | 0.00 | Sep 9, 2022 | Improper access control and intent redirection in Samsung Email prior to 6.1.70.20 allows attacker to access specific formatted file and execute privileged behavior. | |||
| CVE-2022-36837 | 0.00 | — | 0.00 | Aug 5, 2022 | Intent redirection vulnerability using implicit intent in Samsung email prior to version 6.1.70.20 allows attacker to get sensitive information. | |||
| CVE-2022-22287 | 0.00 | — | 0.00 | Jan 7, 2022 | Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox. | |||
| CVE-2021-25376 | 0.00 | — | 0.00 | Apr 9, 2021 | An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed. | |||
| CVE-2021-25375 | 0.00 | — | 0.00 | Apr 9, 2021 | Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment. | |||
| CVE-2018-10497 | 0.00 | — | 0.00 | Sep 24, 2018 | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The… | |||
| CVE-2018-10498 | 0.00 | — | 0.00 | Sep 24, 2018 | This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this… |
- CVE-2025-21077Nov 5, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Email prior to version 6.2.06.0 allows local attackers to launch arbitrary activity with Samsung Email privilege.
- CVE-2025-20894Feb 4, 2025risk 0.00cvss —epss 0.00
Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles.
- CVE-2024-34636Aug 7, 2024risk 0.00cvss —epss 0.00
Use of implicit intent for sensitive communication in Samsung Email prior to version 6.1.94.2 allows local attackers to get sensitive information.
- CVE-2024-20867May 7, 2024risk 0.00cvss —epss 0.00
Improper privilege management vulnerability in Samsung Email prior to version 6.1.91.14 allows local attackers to access sensitive information.
- CVE-2024-20807Jan 4, 2024risk 0.00cvss —epss 0.00
Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows local attacker to get sensitive information.
- CVE-2023-42553Nov 7, 2023risk 0.00cvss —epss 0.00
Improper authorization verification vulnerability in Samsung Email prior to version 6.1.90.4 allows attackers to read sandbox data of email.
- CVE-2023-30729Sep 6, 2023risk 0.00cvss —epss 0.00
Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker to intercept the network traffic including sensitive information.
- CVE-2022-36864Sep 9, 2022risk 0.00cvss —epss 0.00
Improper access control and intent redirection in Samsung Email prior to 6.1.70.20 allows attacker to access specific formatted file and execute privileged behavior.
- CVE-2022-36837Aug 5, 2022risk 0.00cvss —epss 0.00
Intent redirection vulnerability using implicit intent in Samsung email prior to version 6.1.70.20 allows attacker to get sensitive information.
- CVE-2022-22287Jan 7, 2022risk 0.00cvss —epss 0.00
Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox.
- CVE-2021-25376Apr 9, 2021risk 0.00cvss —epss 0.00
An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed.
- CVE-2021-25375Apr 9, 2021risk 0.00cvss —epss 0.00
Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment.
- CVE-2018-10497Sep 24, 2018risk 0.00cvss —epss 0.00
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The…
- CVE-2018-10498Sep 24, 2018risk 0.00cvss —epss 0.00
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this…