Filtered by vendor Samsung
Subscriptions
Filtered by product Mobile
Subscriptions
Total
36 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-21482 | 2 Google, Samsung | 4 Android, Camera, Mobile and 1 more | 2025-10-01 | 6.1 Medium |
| Missing authorization vulnerability in Camera prior to versions 11.1.02.18 in Android 11, 12.1.03.8 in Android 12 and 13.1.01.4 in Android 13 allows physical attackers to install package through Galaxy store before completion of Setup wizard. | ||||
| CVE-2025-21035 | 2 Google, Samsung | 5 Android, Calendar, Mobile and 2 more | 2025-09-29 | 4.6 Medium |
| Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles. | ||||
| CVE-2025-21056 | 1 Samsung | 2 Mobile, Samsung Mobile | 2025-09-26 | 6.6 Medium |
| Improper input validation in Retail Mode prior to version 5.59.4 allows self attackers to execute privileged commands on their own devices. | ||||
| CVE-2023-21468 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2025-09-19 | 5.9 Medium |
| Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission. | ||||
| CVE-2023-21469 | 2 Google, Samsung | 4 Android, Android, Mobile and 1 more | 2025-09-19 | 4 Medium |
| Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action. | ||||
| CVE-2023-21474 | 2 Google, Samsung | 4 Android, Android, Mobile and 1 more | 2025-09-19 | 6.3 Medium |
| Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege. | ||||
| CVE-2023-21478 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2025-09-19 | 6 Medium |
| Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data. | ||||
| CVE-2023-21480 | 1 Samsung | 4 Android, Mobile, Samsung and 1 more | 2025-09-19 | 8.5 High |
| Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities. | ||||
| CVE-2025-21041 | 2 Google, Samsung | 4 Android, Android, Mobile and 1 more | 2025-09-19 | 6.2 Medium |
| Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local attackers to access sensitive information. | ||||
| CVE-2025-21034 | 1 Samsung | 4 Android, Mobile, Samsung and 1 more | 2025-09-11 | 4 Medium |
| Out-of-bounds write in libsavsvc.so prior to SMR Sep-2025 Release 1 allows local attackers to potentially execute arbitrary code. | ||||
| CVE-2025-21033 | 2 Google, Samsung | 4 Android, Android, Mobile and 1 more | 2025-09-11 | 4 Medium |
| Improper access control in ContactProvider prior to SMR Sep-2025 Release 1 allows local attackers to access sensitive information. | ||||
| CVE-2025-21032 | 1 Samsung | 4 Android, Mobile, One Ui and 1 more | 2025-09-11 | 5.9 Medium |
| Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions. | ||||
| CVE-2025-21029 | 2 Google, Samsung | 4 Android, Android, Mobile and 1 more | 2025-09-11 | 4 Medium |
| Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display. | ||||
| CVE-2025-21028 | 1 Samsung | 4 Android, Mobile, Samsung and 1 more | 2025-09-11 | 5.5 Medium |
| Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items. | ||||
| CVE-2025-21026 | 2 Google, Samsung | 4 Android, Android, Mobile and 1 more | 2025-09-11 | 4 Medium |
| Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call. | ||||
| CVE-2025-21027 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2025-09-11 | 5.1 Medium |
| Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM. | ||||
| CVE-2025-21025 | 2 Google, Samsung | 4 Android, Android, Mobile and 1 more | 2025-09-11 | 5.1 Medium |
| Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management. | ||||
| CVE-2023-21466 | 2 Google, Samsung | 4 Android, Android, Mobile and 1 more | 2025-09-08 | 5.3 Medium |
| PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission. | ||||
| CVE-2023-21467 | 1 Samsung | 3 Exynos, Mobile, Samsung Mobile | 2025-09-08 | 4.6 Medium |
| Error in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1 allows incorrect handling of unencrypted message. | ||||
| CVE-2025-32100 | 1 Samsung | 42 Exynos, Exynos 1080, Exynos 1080 Firmware and 39 more | 2025-09-05 | 6.5 Medium |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A programming mistake for buffer copy leads to out-of-bounds writes via malformed ROHC packets. | ||||