VYPR

Vendor CVEs

Samsung Mobile

All CVEs

2,204 total · sorted by risk
  • CVE-2025-21001Jul 8, 2025
    risk 0.00cvss epss 0.00

    Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast.

  • CVE-2025-21000Jul 8, 2025
    risk 0.00cvss epss 0.00

    Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth.

  • CVE-2025-20999Jul 8, 2025
    risk 0.00cvss epss 0.00

    Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password.

  • CVE-2025-20998Jul 8, 2025
    risk 0.00cvss epss 0.00

    Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number.

  • CVE-2025-20997Jul 8, 2025
    risk 0.00cvss epss 0.00

    Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch.

  • CVE-2025-20983Jul 8, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

  • CVE-2025-20982Jul 8, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

  • CVE-2025-47202Jul 7, 2025
    risk 0.00cvss epss 0.00

    In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes.

  • CVE-2025-26780Jul 7, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet.

  • CVE-2025-20996Jun 4, 2025
    risk 0.00cvss epss 0.00

    Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability.

  • CVE-2025-20995Jun 4, 2025
    risk 0.00cvss epss 0.00

    Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to read and write arbitrary files.

  • CVE-2025-20994Jun 4, 2025
    risk 0.00cvss epss 0.00

    Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to access read and write arbitrary files.

  • CVE-2025-20993Jun 4, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in libsecimaging.camera.samsung.so prior to SMR Jun-2025 Release 1 allows local attackers to write out-of-bounds memory.

  • CVE-2025-20992Jun 4, 2025
    risk 0.00cvss epss 0.00

    Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local attackers to read out-of-bounds memory.

  • CVE-2025-20991Jun 4, 2025
    risk 0.00cvss epss 0.00

    Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable.

  • CVE-2025-20989Jun 4, 2025
    risk 0.00cvss epss 0.00

    Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmac_key.

  • CVE-2025-20988Jun 4, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.

  • CVE-2025-20987Jun 4, 2025
    risk 0.00cvss epss 0.00

    Improper access control in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a auth_token.

  • CVE-2025-20986Jun 4, 2025
    risk 0.00cvss epss 0.00

    Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots.

  • CVE-2025-20985Jun 4, 2025
    risk 0.00cvss epss 0.00

    Improper privilege management in ThemeManager prior to SMR Jun-2025 Release 1 allows local privileged attackers to reuse trial items.

  • CVE-2025-20984Jun 4, 2025
    risk 0.00cvss epss 0.00

    Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch.

  • CVE-2025-20981Jun 4, 2025
    risk 0.00cvss epss 0.00

    Improper access control in AudioService prior to SMR Jun-2025 Release 1 allows local attackers to access sensitive information.

  • CVE-2025-23106Jun 4, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.

  • CVE-2025-23101Jun 4, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 1380. A Use-After-Free in the mobile processor leads to privilege escalation.

  • CVE-2025-23096Jun 4, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation.

  • CVE-2025-23095Jun 4, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation.

  • CVE-2025-23102Jun 3, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380, 1480 and 2400. A Double Free in the mobile processor leads to privilege escalation.

  • CVE-2025-23100Jun 3, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. The absence of a NULL check leads to a Denial of Service.

  • CVE-2025-23098Jun 3, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380. A Use-After-Free in the mobile processor leads to privilege escalation.

  • CVE-2025-23107Jun 3, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.

  • CVE-2025-23103Jun 3, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.

  • CVE-2025-23097Jun 3, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads to out-of-bounds writes.

  • CVE-2025-23104Jun 2, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 2200. A Use-After-Free in the mobile processor leads to privilege escalation.

  • CVE-2025-23099Jun 2, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.

  • CVE-2025-23105Jun 2, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.

  • CVE-2025-22377May 27, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. A Heap-based Out-of-Bounds Write exists in the GPRS protocol…

  • CVE-2024-49197May 27, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Wi-Fi in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access.

  • CVE-2024-49196May 27, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in the GPU in Samsung Mobile Processor Exynos 1480 and 2400. Type confusion leads to a Denial of Service.

  • CVE-2025-32407May 16, 2025
    risk 0.00cvss epss 0.00

    Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser…

  • CVE-2024-55569May 14, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.

  • CVE-2025-27891May 14, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed…

  • CVE-2025-26785May 14, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.

  • CVE-2025-26784May 14, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.

  • CVE-2024-56427May 14, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds access via malformed…

  • CVE-2025-26783May 14, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service.

  • CVE-2025-20977May 7, 2025
    risk 0.00cvss epss 0.00

    Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.

  • CVE-2025-20976May 7, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory.

  • CVE-2025-20972May 7, 2025
    risk 0.00cvss epss 0.00

    Improper verification of intent by broadcast receiver in Samsung Flow prior to version 4.9.17.6 allows local attackers to modify Samsung Flow configuration.

  • CVE-2025-20971May 7, 2025
    risk 0.00cvss epss 0.00

    Improper input validation in Samsung Flow prior to version 4.9.17.6 allows local attackers to access data within Samsung Flow.

  • CVE-2025-20969May 7, 2025
    risk 0.00cvss epss 0.00

    Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery.

Page 12 of 45