Vendor CVEs
Samsung Mobile
All CVEs
2,204 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-21001 | 0.00 | — | 0.00 | Jul 8, 2025 | Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast. | |||
| CVE-2025-21000 | 0.00 | — | 0.00 | Jul 8, 2025 | Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth. | |||
| CVE-2025-20999 | 0.00 | — | 0.00 | Jul 8, 2025 | Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password. | |||
| CVE-2025-20998 | 0.00 | — | 0.00 | Jul 8, 2025 | Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number. | |||
| CVE-2025-20997 | 0.00 | — | 0.00 | Jul 8, 2025 | Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch. | |||
| CVE-2025-20983 | 0.00 | — | 0.00 | Jul 8, 2025 | Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||
| CVE-2025-20982 | 0.00 | — | 0.00 | Jul 8, 2025 | Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||
| CVE-2025-47202 | 0.00 | — | 0.00 | Jul 7, 2025 | In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes. | |||
| CVE-2025-26780 | 0.00 | — | 0.00 | Jul 7, 2025 | An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet. | |||
| CVE-2025-20996 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-20995 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to read and write arbitrary files. | |||
| CVE-2025-20994 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to access read and write arbitrary files. | |||
| CVE-2025-20993 | 0.00 | — | 0.00 | Jun 4, 2025 | Out-of-bounds write in libsecimaging.camera.samsung.so prior to SMR Jun-2025 Release 1 allows local attackers to write out-of-bounds memory. | |||
| CVE-2025-20992 | 0.00 | — | 0.00 | Jun 4, 2025 | Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local attackers to read out-of-bounds memory. | |||
| CVE-2025-20991 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable. | |||
| CVE-2025-20989 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmac_key. | |||
| CVE-2025-20988 | 0.00 | — | 0.00 | Jun 4, 2025 | Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to read out-of-bounds memory. | |||
| CVE-2025-20987 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper access control in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a auth_token. | |||
| CVE-2025-20986 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots. | |||
| CVE-2025-20985 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper privilege management in ThemeManager prior to SMR Jun-2025 Release 1 allows local privileged attackers to reuse trial items. | |||
| CVE-2025-20984 | 0.00 | — | 0.00 | Jun 4, 2025 | Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch. | |||
| CVE-2025-20981 | 0.00 | — | 0.00 | Jun 4, 2025 | Improper access control in AudioService prior to SMR Jun-2025 Release 1 allows local attackers to access sensitive information. | |||
| CVE-2025-23106 | 0.00 | — | 0.00 | Jun 4, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation. | |||
| CVE-2025-23101 | 0.00 | — | 0.00 | Jun 4, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 1380. A Use-After-Free in the mobile processor leads to privilege escalation. | |||
| CVE-2025-23096 | 0.00 | — | 0.00 | Jun 4, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation. | |||
| CVE-2025-23095 | 0.00 | — | 0.00 | Jun 4, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation. | |||
| CVE-2025-23102 | 0.00 | — | 0.00 | Jun 3, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380, 1480 and 2400. A Double Free in the mobile processor leads to privilege escalation. | |||
| CVE-2025-23100 | 0.00 | — | 0.00 | Jun 3, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. The absence of a NULL check leads to a Denial of Service. | |||
| CVE-2025-23098 | 0.00 | — | 0.00 | Jun 3, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380. A Use-After-Free in the mobile processor leads to privilege escalation. | |||
| CVE-2025-23107 | 0.00 | — | 0.00 | Jun 3, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes. | |||
| CVE-2025-23103 | 0.00 | — | 0.00 | Jun 3, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes. | |||
| CVE-2025-23097 | 0.00 | — | 0.00 | Jun 3, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads to out-of-bounds writes. | |||
| CVE-2025-23104 | 0.00 | — | 0.00 | Jun 2, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 2200. A Use-After-Free in the mobile processor leads to privilege escalation. | |||
| CVE-2025-23099 | 0.00 | — | 0.00 | Jun 2, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes. | |||
| CVE-2025-23105 | 0.00 | — | 0.00 | Jun 2, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation. | |||
| CVE-2025-22377 | 0.00 | — | 0.00 | May 27, 2025 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. A Heap-based Out-of-Bounds Write exists in the GPRS protocol… | |||
| CVE-2024-49197 | 0.00 | — | 0.00 | May 27, 2025 | An issue was discovered in Wi-Fi in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access. | |||
| CVE-2024-49196 | 0.00 | — | 0.00 | May 27, 2025 | An issue was discovered in the GPU in Samsung Mobile Processor Exynos 1480 and 2400. Type confusion leads to a Denial of Service. | |||
| CVE-2025-32407 | 0.00 | — | 0.00 | May 16, 2025 | Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser… | |||
| CVE-2024-55569 | 0.00 | — | 0.00 | May 14, 2025 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes. | |||
| CVE-2025-27891 | 0.00 | — | 0.00 | May 14, 2025 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed… | |||
| CVE-2025-26785 | 0.00 | — | 0.00 | May 14, 2025 | An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes. | |||
| CVE-2025-26784 | 0.00 | — | 0.00 | May 14, 2025 | An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes. | |||
| CVE-2024-56427 | 0.00 | — | 0.00 | May 14, 2025 | An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds access via malformed… | |||
| CVE-2025-26783 | 0.00 | — | 0.00 | May 14, 2025 | An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service. | |||
| CVE-2025-20977 | 0.00 | — | 0.00 | May 7, 2025 | Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-20976 | 0.00 | — | 0.00 | May 7, 2025 | Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory. | |||
| CVE-2025-20972 | 0.00 | — | 0.00 | May 7, 2025 | Improper verification of intent by broadcast receiver in Samsung Flow prior to version 4.9.17.6 allows local attackers to modify Samsung Flow configuration. | |||
| CVE-2025-20971 | 0.00 | — | 0.00 | May 7, 2025 | Improper input validation in Samsung Flow prior to version 4.9.17.6 allows local attackers to access data within Samsung Flow. | |||
| CVE-2025-20969 | 0.00 | — | 0.00 | May 7, 2025 | Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery. |
- CVE-2025-21001Jul 8, 2025risk 0.00cvss —epss 0.00
Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast.
- CVE-2025-21000Jul 8, 2025risk 0.00cvss —epss 0.00
Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth.
- CVE-2025-20999Jul 8, 2025risk 0.00cvss —epss 0.00
Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password.
- CVE-2025-20998Jul 8, 2025risk 0.00cvss —epss 0.00
Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number.
- CVE-2025-20997Jul 8, 2025risk 0.00cvss —epss 0.00
Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch.
- CVE-2025-20983Jul 8, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
- CVE-2025-20982Jul 8, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
- CVE-2025-47202Jul 7, 2025risk 0.00cvss —epss 0.00
In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes.
- CVE-2025-26780Jul 7, 2025risk 0.00cvss —epss 0.00
An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet.
- CVE-2025-20996Jun 4, 2025risk 0.00cvss —epss 0.00
Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability.
- CVE-2025-20995Jun 4, 2025risk 0.00cvss —epss 0.00
Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to read and write arbitrary files.
- CVE-2025-20994Jun 4, 2025risk 0.00cvss —epss 0.00
Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local attackers to access read and write arbitrary files.
- CVE-2025-20993Jun 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in libsecimaging.camera.samsung.so prior to SMR Jun-2025 Release 1 allows local attackers to write out-of-bounds memory.
- CVE-2025-20992Jun 4, 2025risk 0.00cvss —epss 0.00
Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local attackers to read out-of-bounds memory.
- CVE-2025-20991Jun 4, 2025risk 0.00cvss —epss 0.00
Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable.
- CVE-2025-20989Jun 4, 2025risk 0.00cvss —epss 0.00
Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmac_key.
- CVE-2025-20988Jun 4, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.
- CVE-2025-20987Jun 4, 2025risk 0.00cvss —epss 0.00
Improper access control in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a auth_token.
- CVE-2025-20986Jun 4, 2025risk 0.00cvss —epss 0.00
Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots.
- CVE-2025-20985Jun 4, 2025risk 0.00cvss —epss 0.00
Improper privilege management in ThemeManager prior to SMR Jun-2025 Release 1 allows local privileged attackers to reuse trial items.
- CVE-2025-20984Jun 4, 2025risk 0.00cvss —epss 0.00
Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch.
- CVE-2025-20981Jun 4, 2025risk 0.00cvss —epss 0.00
Improper access control in AudioService prior to SMR Jun-2025 Release 1 allows local attackers to access sensitive information.
- CVE-2025-23106Jun 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.
- CVE-2025-23101Jun 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 1380. A Use-After-Free in the mobile processor leads to privilege escalation.
- CVE-2025-23096Jun 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation.
- CVE-2025-23095Jun 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. A Double Free in the mobile processor leads to privilege escalation.
- CVE-2025-23102Jun 3, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380, 1480 and 2400. A Double Free in the mobile processor leads to privilege escalation.
- CVE-2025-23100Jun 3, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. The absence of a NULL check leads to a Denial of Service.
- CVE-2025-23098Jun 3, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380. A Use-After-Free in the mobile processor leads to privilege escalation.
- CVE-2025-23107Jun 3, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.
- CVE-2025-23103Jun 3, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.
- CVE-2025-23097Jun 3, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads to out-of-bounds writes.
- CVE-2025-23104Jun 2, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 2200. A Use-After-Free in the mobile processor leads to privilege escalation.
- CVE-2025-23099Jun 2, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes.
- CVE-2025-23105Jun 2, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.
- CVE-2025-22377May 27, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. A Heap-based Out-of-Bounds Write exists in the GPRS protocol…
- CVE-2024-49197May 27, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Wi-Fi in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Lack of a boundary check in STOP_KEEP_ALIVE_OFFLOAD leads to out-of-bounds access.
- CVE-2024-49196May 27, 2025risk 0.00cvss —epss 0.00
An issue was discovered in the GPU in Samsung Mobile Processor Exynos 1480 and 2400. Type confusion leads to a Denial of Service.
- CVE-2025-32407May 16, 2025risk 0.00cvss —epss 0.00
Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser…
- CVE-2024-55569May 14, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.
- CVE-2025-27891May 14, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed…
- CVE-2025-26785May 14, 2025risk 0.00cvss —epss 0.00
An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.
- CVE-2025-26784May 14, 2025risk 0.00cvss —epss 0.00
An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes.
- CVE-2024-56427May 14, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds access via malformed…
- CVE-2025-26783May 14, 2025risk 0.00cvss —epss 0.00
An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service.
- CVE-2025-20977May 7, 2025risk 0.00cvss —epss 0.00
Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.
- CVE-2025-20976May 7, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory.
- CVE-2025-20972May 7, 2025risk 0.00cvss —epss 0.00
Improper verification of intent by broadcast receiver in Samsung Flow prior to version 4.9.17.6 allows local attackers to modify Samsung Flow configuration.
- CVE-2025-20971May 7, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Flow prior to version 4.9.17.6 allows local attackers to access data within Samsung Flow.
- CVE-2025-20969May 7, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery.
Page 12 of 45