Vendor CVEs
Samsung Mobile
All CVEs
2,204 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49495 | 0.00 | — | 0.00 | Jan 5, 2026 | An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow. | |||
| CVE-2025-27807 | 0.00 | — | 0.00 | Jan 5, 2026 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes… | |||
| CVE-2025-52517 | 0.00 | — | 0.00 | Jan 5, 2026 | An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in a double free, leading to a denial of service. | |||
| CVE-2025-52519 | 0.00 | — | 0.00 | Jan 5, 2026 | An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, and 2500. Improper validation of user-space input in the issimian device driver leads to information disclosure and a denial of service. | |||
| CVE-2025-52516 | 0.00 | — | 0.00 | Jan 5, 2026 | An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service. | |||
| CVE-2025-52515 | 0.00 | — | 0.00 | Jan 5, 2026 | An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in an out-of-bounds access, leading to a denial of service. | |||
| CVE-2025-43706 | 0.00 | — | 0.00 | Jan 5, 2026 | An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2400, 1580, 9110, W920, W930, Modem 5123, and Modem 5400. Incorrect handling of RRC packets leads to a Denial of Service. | |||
| CVE-2025-53966 | 0.00 | — | 0.00 | Jan 5, 2026 | An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message. | |||
| CVE-2025-54326 | 0.00 | — | 0.00 | Dec 3, 2025 | An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service. | |||
| CVE-2025-53965 | 0.00 | — | 0.00 | Dec 3, 2025 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container… | |||
| CVE-2025-58487 | 0.00 | — | 0.00 | Dec 2, 2025 | Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege. | |||
| CVE-2025-58486 | 0.00 | — | 0.00 | Dec 2, 2025 | Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script. | |||
| CVE-2025-58485 | 0.00 | — | 0.00 | Dec 2, 2025 | Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script. | |||
| CVE-2025-58483 | 0.00 | — | 0.00 | Dec 2, 2025 | Improper export of android application components in Galaxy Store for Galaxy Watch prior to version 1.0.06.29 allows local attacker to install arbitrary application on Galaxy Store. | |||
| CVE-2025-58480 | 0.00 | — | 0.00 | Dec 2, 2025 | Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||
| CVE-2025-58479 | 0.00 | — | 0.00 | Dec 2, 2025 | Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||
| CVE-2025-58478 | 0.00 | — | 0.00 | Dec 2, 2025 | Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||
| CVE-2025-58477 | 0.00 | — | 0.00 | Dec 2, 2025 | Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||
| CVE-2025-58476 | 0.00 | — | 0.00 | Dec 2, 2025 | Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory. | |||
| CVE-2025-58475 | 0.00 | — | 0.00 | Dec 2, 2025 | Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||
| CVE-2025-21080 | 0.00 | — | 0.00 | Dec 2, 2025 | Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen's privilege. | |||
| CVE-2025-21072 | 0.00 | — | 0.00 | Dec 2, 2025 | Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||
| CVE-2025-21079 | 0.00 | — | 0.00 | Nov 5, 2025 | Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-21078 | 0.00 | — | 0.00 | Nov 5, 2025 | Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications. | |||
| CVE-2025-21077 | 0.00 | — | 0.00 | Nov 5, 2025 | Improper input validation in Samsung Email prior to version 6.2.06.0 allows local attackers to launch arbitrary activity with Samsung Email privilege. | |||
| CVE-2025-21076 | 0.00 | — | 0.00 | Nov 5, 2025 | Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access data in Samsung Account. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-21075 | 0.00 | — | 0.00 | Nov 5, 2025 | Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||
| CVE-2025-21074 | 0.00 | — | 0.00 | Nov 5, 2025 | Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||
| CVE-2025-21073 | 0.00 | — | 0.00 | Nov 5, 2025 | Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability. | |||
| CVE-2025-21071 | 0.00 | — | 0.00 | Nov 5, 2025 | Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||
| CVE-2025-54334 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, 2500. There is a NULL Pointer Dereference of hdev in the __npu_vertex_bootup function. | |||
| CVE-2024-56426 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target. | |||
| CVE-2025-49494 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service. | |||
| CVE-2025-54323 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, and 1580. Improper debug printing leads to information leakage. | |||
| CVE-2025-52512 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in out-of-bounds memory access, leading to a denial of service. | |||
| CVE-2025-54335 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500. There is a use-after-free in the Xclipse GPU Driver. | |||
| CVE-2025-54327 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write. | |||
| CVE-2025-54330 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Out-of-bounds Read of q->bufs[] in the __is_done_for_me function. | |||
| CVE-2025-54329 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to send a multiple-payloads message… | |||
| CVE-2025-52910 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free leads to privilege escalation. | |||
| CVE-2025-27374 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480, 2400. The lack of a length check leads to out-of-bounds writes. | |||
| CVE-2025-54325 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1080, 1280, 2200, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000. A race condition in the VTS driver results in an out-of-bounds read, leading to an information leak. | |||
| CVE-2025-54333 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Invalid Pointer Dereference of node in the get_vs4l_profiler_node function. | |||
| CVE-2025-54332 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is a NULL Pointer Dereference of profiler.node in the npu_vertex_profileoff function. | |||
| CVE-2025-54331 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Untrusted Pointer Dereference of src_hdr in the copy_ncp_header function. | |||
| CVE-2025-52513 | 0.00 | — | 0.00 | Nov 4, 2025 | An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in an out-of-bounds write, leading to a denial of service. | |||
| CVE-2025-26781 | 0.00 | — | 0.01 | Oct 20, 2025 | An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service. | |||
| CVE-2024-55568 | 0.00 | — | 0.01 | Oct 20, 2025 | An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The absence of a NULL check leads to a Denial of Service when an… | |||
| CVE-2025-26782 | 0.00 | — | 0.01 | Oct 20, 2025 | An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service. | |||
| CVE-2025-48025 | 0.00 | — | 0.00 | Oct 20, 2025 | In Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000, there is an improper access control vulnerability related to a log file. |
- CVE-2025-49495Jan 5, 2026risk 0.00cvss —epss 0.00
An issue was discovered in the WiFi driver in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580. Mishandling of an NL80211 vendor command leads to a buffer overflow.
- CVE-2025-27807Jan 5, 2026risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes…
- CVE-2025-52517Jan 5, 2026risk 0.00cvss —epss 0.00
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in a double free, leading to a denial of service.
- CVE-2025-52519Jan 5, 2026risk 0.00cvss —epss 0.00
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, and 2500. Improper validation of user-space input in the issimian device driver leads to information disclosure and a denial of service.
- CVE-2025-52516Jan 5, 2026risk 0.00cvss —epss 0.00
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service.
- CVE-2025-52515Jan 5, 2026risk 0.00cvss —epss 0.00
An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in an out-of-bounds access, leading to a denial of service.
- CVE-2025-43706Jan 5, 2026risk 0.00cvss —epss 0.00
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2400, 1580, 9110, W920, W930, Modem 5123, and Modem 5400. Incorrect handling of RRC packets leads to a Denial of Service.
- CVE-2025-53966Jan 5, 2026risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, and 1580. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow during handling of an IOCTL message.
- CVE-2025-54326Dec 3, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service.
- CVE-2025-53965Dec 3, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container…
- CVE-2025-58487Dec 2, 2025risk 0.00cvss —epss 0.00
Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung Account privilege.
- CVE-2025-58486Dec 2, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script.
- CVE-2025-58485Dec 2, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script.
- CVE-2025-58483Dec 2, 2025risk 0.00cvss —epss 0.00
Improper export of android application components in Galaxy Store for Galaxy Watch prior to version 1.0.06.29 allows local attacker to install arbitrary application on Galaxy Store.
- CVE-2025-58480Dec 2, 2025risk 0.00cvss —epss 0.00
Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
- CVE-2025-58479Dec 2, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
- CVE-2025-58478Dec 2, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
- CVE-2025-58477Dec 2, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory.
- CVE-2025-58476Dec 2, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory.
- CVE-2025-58475Dec 2, 2025risk 0.00cvss —epss 0.00
Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
- CVE-2025-21080Dec 2, 2025risk 0.00cvss —epss 0.00
Improper export of android application components in Dynamic Lockscreen prior to SMR Dec-2025 Release 1 allows local attackers to access files with Dynamic Lockscreen's privilege.
- CVE-2025-21072Dec 2, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
- CVE-2025-21079Nov 5, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability.
- CVE-2025-21078Nov 5, 2025risk 0.00cvss —epss 0.00
Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications.
- CVE-2025-21077Nov 5, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Email prior to version 6.2.06.0 allows local attackers to launch arbitrary activity with Samsung Email privilege.
- CVE-2025-21076Nov 5, 2025risk 0.00cvss —epss 0.00
Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access data in Samsung Account. User interaction is required for triggering this vulnerability.
- CVE-2025-21075Nov 5, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.
- CVE-2025-21074Nov 5, 2025risk 0.00cvss —epss 0.00
Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.
- CVE-2025-21073Nov 5, 2025risk 0.00cvss —epss 0.00
Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for triggering this vulnerability.
- CVE-2025-21071Nov 5, 2025risk 0.00cvss —epss 0.00
Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
- CVE-2025-54334Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in the NPU driver in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, 2500. There is a NULL Pointer Dereference of hdev in the __npu_vertex_bootup function.
- CVE-2024-56426Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target.
- CVE-2025-49494Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 9110, Modem 5123. Mishandling of an 5G NRMM packet leads to a Denial of Service.
- CVE-2025-54323Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, and 1580. Improper debug printing leads to information leakage.
- CVE-2025-52512Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in out-of-bounds memory access, leading to a denial of service.
- CVE-2025-54335Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in the GPU driver in Samsung Mobile Processor Exynos 1480, 2400, 1580, 2500. There is a use-after-free in the Xclipse GPU Driver.
- CVE-2025-54327Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1380, W920, W930, W1000. Improper input validation in the VTS driver leads to an arbitrary write.
- CVE-2025-54330Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Out-of-bounds Read of q->bufs[] in the __is_done_for_me function.
- CVE-2025-54329Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to send a multiple-payloads message…
- CVE-2025-52910Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in the GPU in Samsung Mobile Processor and Wearable Processor Exynos 1280, 2200, 1330, 1380, 1480, 2400. A Use-After-Free leads to privilege escalation.
- CVE-2025-27374Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480, 2400. The lack of a length check leads to out-of-bounds writes.
- CVE-2025-54325Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in VTS in Samsung Mobile Processor and Wearable Processor Exynos 1080, 1280, 2200, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000. A race condition in the VTS driver results in an out-of-bounds read, leading to an information leak.
- CVE-2025-54333Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Invalid Pointer Dereference of node in the get_vs4l_profiler_node function.
- CVE-2025-54332Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is a NULL Pointer Dereference of profiler.node in the npu_vertex_profileoff function.
- CVE-2025-54331Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Untrusted Pointer Dereference of src_hdr in the copy_ncp_header function.
- CVE-2025-52513Nov 4, 2025risk 0.00cvss —epss 0.00
An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in an out-of-bounds write, leading to a denial of service.
- CVE-2025-26781Oct 20, 2025risk 0.00cvss —epss 0.01
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service.
- CVE-2024-55568Oct 20, 2025risk 0.00cvss —epss 0.01
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The absence of a NULL check leads to a Denial of Service when an…
- CVE-2025-26782Oct 20, 2025risk 0.00cvss —epss 0.01
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service.
- CVE-2025-48025Oct 20, 2025risk 0.00cvss —epss 0.00
In Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000, there is an improper access control vulnerability related to a log file.
Page 9 of 45