Filtered by vendor Samsung
Subscriptions
Total
1534 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20947 | 1 Samsung | 1 Android | 2026-02-05 | 5.5 Medium |
| Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability. | ||||
| CVE-2025-20948 | 1 Samsung | 1 Android | 2026-02-05 | 5.5 Medium |
| Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory. | ||||
| CVE-2025-20938 | 1 Samsung | 1 Android | 2026-02-05 | 5.5 Medium |
| Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts. | ||||
| CVE-2026-20983 | 1 Samsung | 1 Mobile Devices | 2026-02-05 | N/A |
| Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege. | ||||
| CVE-2026-20984 | 2 Samsung, Samsung Mobile | 2 Galaxy Wearable, Galaxy Wearable | 2026-02-04 | N/A |
| Improper handling of insufficient permission in Galaxy Wearable installed on non-Samsung Device prior to version 2.2.68 allows local attackers to access sensitive information. | ||||
| CVE-2026-20986 | 1 Samsung | 1 Samsung Members | 2026-02-04 | N/A |
| Path traversal in Samsung Members prior to Chinese version 15.5.05.4 allows local attackers to overwrite data within Samsung Members. | ||||
| CVE-2026-20985 | 1 Samsung | 1 Samsung Members | 2026-02-04 | N/A |
| Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arbitrary URL and launch arbitrary activity with Samsung Members privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2026-20977 | 1 Samsung | 1 Mobile Devices | 2026-02-04 | N/A |
| Improper access control in Emergency Sharing prior to SMR Feb-2026 Release 1 allows local attackers to interrupt its functioning. | ||||
| CVE-2025-20952 | 1 Samsung | 1 Android | 2026-02-02 | 5.5 Medium |
| Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege. | ||||
| CVE-2026-20973 | 1 Samsung | 2 Android, Mobile Devices | 2026-02-02 | 5.3 Medium |
| Out-of-bounds read in libimagecodec.quram.so prior to SMR Jan-2026 Release 1 allows remote attacker to access out-of-bounds memory. | ||||
| CVE-2025-20984 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 6.8 Medium |
| Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch. | ||||
| CVE-2025-20986 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 5.5 Medium |
| Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots. | ||||
| CVE-2025-20911 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 4.4 Medium |
| Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch. | ||||
| CVE-2024-49422 | 1 Samsung | 1 Android | 2026-02-02 | 5.2 Medium |
| Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability. | ||||
| CVE-2025-20966 | 1 Samsung | 2 Android, Gallery | 2026-01-30 | 4.6 Medium |
| Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows physical attackers to access data across multiple user profiles. | ||||
| CVE-2025-20967 | 1 Samsung | 2 Android, Gallery | 2026-01-30 | 5.1 Medium |
| Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows attackers to read and write arbitrary file with the privilege of Samsung Gallery. | ||||
| CVE-2025-20968 | 1 Samsung | 2 Android, Gallery | 2026-01-30 | 7.2 High |
| Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows remote attackers to access data and perform internal operations within Samsung Gallery. | ||||
| CVE-2025-20969 | 1 Samsung | 2 Android, Gallery | 2026-01-30 | 5.5 Medium |
| Improper input validation in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows local attackers to access data within Samsung Gallery. | ||||
| CVE-2025-52519 | 1 Samsung | 16 Exynos, Exynos 1330, Exynos 1330 Firmware and 13 more | 2026-01-30 | 7.1 High |
| An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, and 2500. Improper validation of user-space input in the issimian device driver leads to information disclosure and a denial of service. | ||||
| CVE-2025-57836 | 2 Microsoft, Samsung | 2 Windows, Magician | 2026-01-30 | 7.8 High |
| An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges. | ||||