VYPR

Vendor CVEs

Samsung Mobile

All CVEs

2,204 total · sorted by risk
  • CVE-2025-20968May 7, 2025
    risk 0.00cvss epss 0.00

    Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery.

  • CVE-2025-20967May 7, 2025
    risk 0.00cvss epss 0.00

    Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery.

  • CVE-2025-20966May 7, 2025
    risk 0.00cvss epss 0.00

    Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows physical attackers to access data across multiple user profiles.

  • CVE-2025-20964May 7, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.

  • CVE-2025-20963May 7, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.

  • CVE-2025-20962May 7, 2025
    risk 0.00cvss epss 0.00

    Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position.

  • CVE-2025-20961May 7, 2025
    risk 0.00cvss epss 0.00

    Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers to access files with system privilege.

  • CVE-2025-20960May 7, 2025
    risk 0.00cvss epss 0.00

    Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api.

  • CVE-2025-20959May 7, 2025
    risk 0.00cvss epss 0.00

    Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information.

  • CVE-2025-20958May 7, 2025
    risk 0.00cvss epss 0.00

    Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors.

  • CVE-2025-20957May 7, 2025
    risk 0.00cvss epss 0.00

    Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch arbitrary activities with SmartManagerCN privilege.

  • CVE-2025-20956May 7, 2025
    risk 0.00cvss epss 0.00

    Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings.

  • CVE-2025-20955May 7, 2025
    risk 0.00cvss epss 0.00

    Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images.

  • CVE-2025-20954May 7, 2025
    risk 0.00cvss epss 0.00

    Use of implicit intent for sensitive communication in EnrichedCall prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.

  • CVE-2025-20953May 7, 2025
    risk 0.00cvss epss 0.00

    Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch activities within SmartManagerCN.

  • CVE-2025-20949May 7, 2025
    risk 0.00cvss epss 0.00

    Path traversal vulnerability in Samsung Members prior to version 5.0.00.11 allows attackers to read and write arbitrary file with the privilege of Samsung Members.

  • CVE-2025-20937May 7, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.

  • CVE-2025-20952Apr 9, 2025
    risk 0.00cvss epss 0.00

    Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege.

  • CVE-2025-20946Apr 8, 2025
    risk 0.00cvss epss 0.00

    Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetooth devices without user interaction.

  • CVE-2025-20939Apr 8, 2025
    risk 0.00cvss epss 0.00

    Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices.

  • CVE-2025-20951Apr 8, 2025
    risk 0.00cvss epss 0.00

    Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store.

  • CVE-2025-20950Apr 8, 2025
    risk 0.00cvss epss 0.00

    Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information.

  • CVE-2025-20948Apr 8, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory.

  • CVE-2025-20947Apr 8, 2025
    risk 0.00cvss epss 0.00

    Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability.

  • CVE-2025-20945Apr 8, 2025
    risk 0.00cvss epss 0.00

    Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch.

  • CVE-2025-20944Apr 8, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows local attackers to read out-of-bounds memory.

  • CVE-2025-20943Apr 8, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to cause memory corruption.

  • CVE-2025-20942Apr 8, 2025
    risk 0.00cvss epss 0.00

    Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Release 1 allows local attackers to reset OAID.

  • CVE-2025-20941Apr 8, 2025
    risk 0.00cvss epss 0.00

    Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access the scancode of specific input device.

  • CVE-2025-20938Apr 8, 2025
    risk 0.00cvss epss 0.00

    Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts.

  • CVE-2025-20936Apr 8, 2025
    risk 0.00cvss epss 0.00

    Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root.

  • CVE-2025-20934Apr 8, 2025
    risk 0.00cvss epss 0.00

    Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege.

  • CVE-2025-2233Mar 11, 2025
    risk 0.00cvss epss 0.01

    Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings. Authentication is not required to exploit…

  • CVE-2025-20933Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.

  • CVE-2025-20932Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory.

  • CVE-2025-20931Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.

  • CVE-2025-20930Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.

  • CVE-2025-20929Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.

  • CVE-2025-20928Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory.

  • CVE-2025-20927Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory.

  • CVE-2025-20926Mar 6, 2025
    risk 0.00cvss epss 0.00

    Improper export of Android application components in My Files prior to version 15.0.07.5 in Android 14 allows local attackers to access files with My Files' privilege.

  • CVE-2025-20925Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read memory.

  • CVE-2025-20924Mar 6, 2025
    risk 0.00cvss epss 0.00

    Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles.

  • CVE-2025-20922Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

  • CVE-2025-20921Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

  • CVE-2025-20920Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

  • CVE-2025-20919Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

  • CVE-2025-20918Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

  • CVE-2025-20917Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

  • CVE-2025-20916Mar 6, 2025
    risk 0.00cvss epss 0.00

    Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

Page 13 of 45