Filtered by vendor Samsung
Subscriptions
Total
1214 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-31953 | 2 Apple, Samsung | 2 Macos, Magician | 2025-06-03 | 6.7 Medium |
| An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (The attacker must already have user privileges, and an administrator password must be entered during the program installation stage for privilege escalation.) | ||||
| CVE-2024-53921 | 2 Microsoft, Samsung | 2 Windows, Magician | 2025-06-03 | 2.8 Low |
| An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process. | ||||
| CVE-2024-20805 | 1 Samsung | 2 Android, Myfiles | 2025-06-03 | 3.3 Low |
| Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file. | ||||
| CVE-2023-42561 | 1 Samsung | 1 Android | 2025-05-29 | 7.1 High |
| Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code. | ||||
| CVE-2025-4632 | 1 Samsung | 1 Magicinfo 9 Server | 2025-05-27 | 9.8 Critical |
| Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority. | ||||
| CVE-2023-45864 | 1 Samsung | 14 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 11 more | 2025-05-22 | 4 Medium |
| A race condition issue discovered in Samsung Mobile Processor Exynos 9820, 980, 1080, 2100, 2200, 1280, and 1380 allows unintended modifications of values within certain areas. | ||||
| CVE-2025-20955 | 1 Samsung | 1 Android | 2025-05-21 | 5.5 Medium |
| Improper Export of Android Application Components in NotificationHistoryImageProvider prior to SMR May-2025 Release 1 allows local attackers to access notification images. | ||||
| CVE-2025-20957 | 1 Samsung | 1 Android | 2025-05-21 | 7.3 High |
| Improper access control in SmartManagerCN prior to SMR May-2025 Release 1 allows local attackers to launch arbitrary activities with SmartManagerCN privilege. | ||||
| CVE-2025-20958 | 1 Samsung | 1 Android | 2025-05-21 | 4.4 Medium |
| Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors. | ||||
| CVE-2025-20959 | 1 Samsung | 1 Android | 2025-05-21 | 5.1 Medium |
| Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. | ||||
| CVE-2025-20960 | 1 Samsung | 1 Android | 2025-05-21 | 4 Medium |
| Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api. | ||||
| CVE-2025-20961 | 1 Samsung | 1 Android | 2025-05-21 | 5.5 Medium |
| Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers to access files with system privilege. | ||||
| CVE-2025-20962 | 1 Samsung | 1 Android | 2025-05-21 | 4 Medium |
| Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position. | ||||
| CVE-2025-20963 | 1 Samsung | 1 Android | 2025-05-21 | 6.6 Medium |
| Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. | ||||
| CVE-2025-20964 | 1 Samsung | 1 Android | 2025-05-21 | 6.6 Medium |
| Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. | ||||
| CVE-2022-39877 | 2 Google, Samsung | 2 Android, Group Sharing | 2025-05-20 | 4 Medium |
| Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device. | ||||
| CVE-2024-20813 | 1 Samsung | 1 Android | 2025-05-15 | 8.4 High |
| Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2024-20812 | 1 Samsung | 1 Android | 2025-05-15 | 8.4 High |
| Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2024-20825 | 1 Samsung | 1 Galaxy Store | 2025-05-15 | 5.5 Medium |
| Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | ||||
| CVE-2024-23769 | 2 Microsoft, Samsung | 2 Windows, Magician | 2025-05-15 | 7.3 High |
| Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data. | ||||