Filtered by vendor Samsung Mobile
Subscriptions
Total
77 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21010 | 2 Samsung, Samsung Mobile | 3 Android, Mobile Devices, Samsung Mobile Devices | 2026-04-15 | 6.6 Medium |
| Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions. | ||||
| CVE-2025-21012 | 2 Samsung, Samsung Mobile | 2 Samsung Mobile Devices, Samsung Mobile Devices | 2026-04-15 | 5.5 Medium |
| Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration. | ||||
| CVE-2025-21013 | 2 Samsung, Samsung Mobile | 3 Galaxy Watch, Samsung Mobile Devices, Samsung Mobile Devices | 2026-04-15 | 6.2 Medium |
| Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time. | ||||
| CVE-2024-34681 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-04-15 | 6.6 Medium |
| Improper input validation in BluetoothAdapter prior to SMR Nov-2024 Release 1 allows local attackers to cause local permanent denial of service on Galaxy Watch. | ||||
| CVE-2024-49420 | 1 Samsung Mobile | 1 Gaming Hub | 2026-04-15 | 7.5 High |
| Improper handling of responses in GamingHub prior to version 6.1.04.6 in Korea, 7.1.03.7 in Global allows remote attackers to launch arbitrary activity. | ||||
| CVE-2025-21011 | 2 Samsung, Samsung Mobile | 3 Galaxy Watch, Samsung Mobile Devices, Samsung Mobile Devices | 2026-04-15 | 5.5 Medium |
| Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors. | ||||
| CVE-2025-21016 | 2 Samsung, Samsung Mobile | 2 Samsung Mobile Devices, Samsung Mobile Devices | 2026-04-15 | 4.3 Medium |
| Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs. | ||||
| CVE-2025-20906 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-04-15 | 5.5 Medium |
| Improper Export of Android Application Components in Settings prior to SMR Feb-2025 Release 1 allows local attackers to enable ADB. | ||||
| CVE-2026-20988 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-03-23 | 5.0 Medium |
| Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2026-20989 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-03-23 | 2.4 Low |
| Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1 allows physical attackers to use custom font. | ||||
| CVE-2026-20990 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-03-23 | 8.1 High |
| Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege. | ||||
| CVE-2026-20991 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-03-23 | 4.4 Medium |
| Improper privilege management in ThemeManager prior to SMR Mar-2026 Release 1 allows local privileged attackers to reuse trial contents. | ||||
| CVE-2026-20992 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-03-23 | 3.3 Low |
| Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application. | ||||
| CVE-2025-62815 | 2 Samsung, Samsung Mobile | 12 Exynos, Exynos 1380, Exynos 1380 Firmware and 9 more | 2026-03-04 | 5.5 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of npu_proto_drv.ast.thread_ref in set_cpu_affinity() causes a denial of service. | ||||
| CVE-2025-20929 | 2 Samsung, Samsung Mobile | 2 Notes, Samsung Notes | 2026-02-26 | 7.3 High |
| Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. | ||||
| CVE-2025-20931 | 2 Samsung, Samsung Mobile | 2 Notes, Samsung Notes | 2026-02-26 | 7.3 High |
| Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. | ||||
| CVE-2025-20982 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-02-26 | 6.4 Medium |
| Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | ||||
| CVE-2025-21015 | 2 Samsung, Samsung Mobile | 3 Android, Samsung Mobile Devices, Samsung Mobile Devices | 2026-02-24 | 4 Medium |
| Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege. | ||||
| CVE-2025-21014 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-02-24 | 4.3 Medium |
| Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information. | ||||
| CVE-2025-20991 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-02-10 | 4 Medium |
| Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable. | ||||