Filtered by vendor Samsung
Subscribe
Search
Total
220 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25495 | 1 Samsung | 1 Notes | 2022-04-26 | 4.6 MEDIUM | 7.8 HIGH |
| A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. | |||||
| CVE-2021-25492 | 1 Samsung | 1 Notes | 2022-04-26 | 3.6 LOW | 7.1 HIGH |
| Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read. | |||||
| CVE-2022-23428 | 2 Google, Samsung | 2 Android, Exynos | 2022-02-18 | 7.2 HIGH | 7.8 HIGH |
| An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-22286 | 2 Google, Samsung | 2 Android, Bixby Routines | 2022-01-19 | 3.6 LOW | 7.1 HIGH |
| A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent. | |||||
| CVE-2022-22285 | 2 Google, Samsung | 2 Android, Reminder | 2022-01-19 | 3.6 LOW | 7.1 HIGH |
| A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifying the intent. | |||||
| CVE-2022-22288 | 1 Samsung | 1 Galaxy Store | 2022-01-19 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist. | |||||
| CVE-2022-22265 | 2 Google, Samsung | 2 Android, Exynos | 2022-01-14 | 4.6 MEDIUM | 7.8 HIGH |
| An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-42114 | 3 Micron, Samsung, Skhynix | 12 Ddr4 Sdram, Ddr4 Sdram Firmware, Lddr4 and 9 more | 2021-11-29 | 7.9 HIGH | 8.3 HIGH |
| Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their internal Target Row Refresh (TRR) mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow triggering bit flips on affected memory modules using our Blacksmith fuzzer. The patterns generated by Blacksmith were able to trigger bitflips on all 40 PC-DDR4 DRAM devices in our test pool, which cover the three major DRAM manufacturers: Samsung, SK Hynix, and Micron. This means that, even when chips advertised as Rowhammer-free are used, attackers may still be able to exploit Rowhammer. For example, this enables privilege-escalation attacks against the kernel or binaries such as the sudo binary, and also triggering bit flips in RSA-2048 keys (e.g., SSH keys) to gain cross-tenant virtual-machine access. We can confirm that DRAM devices acquired in July 2020 with DRAM chips from all three major DRAM vendors (Samsung, SK Hynix, Micron) are affected by this vulnerability. For more details, please refer to our publication. | |||||
| CVE-2021-25509 | 1 Samsung | 1 Samsung Flow | 2021-11-09 | 3.6 LOW | 7.1 HIGH |
| A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders. | |||||
| CVE-2021-25505 | 1 Samsung | 1 Samsung Pass | 2021-11-08 | 6.8 MEDIUM | 7.8 HIGH |
| Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked. | |||||
| CVE-2021-25496 | 1 Samsung | 1 Notes | 2021-10-14 | 4.6 MEDIUM | 7.8 HIGH |
| A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
| CVE-2021-25497 | 1 Samsung | 1 Notes | 2021-10-14 | 4.6 MEDIUM | 7.8 HIGH |
| A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
| CVE-2021-25498 | 1 Samsung | 1 Notes | 2021-10-14 | 4.6 MEDIUM | 7.8 HIGH |
| A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution. | |||||
| CVE-2021-25494 | 1 Samsung | 1 Notes | 2021-10-14 | 4.6 MEDIUM | 7.8 HIGH |
| A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. | |||||
| CVE-2021-25470 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 3.6 LOW | 7.9 HIGH |
| An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE. | |||||
| CVE-2021-25471 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 5.0 MEDIUM | 7.5 HIGH |
| A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion. | |||||
| CVE-2021-25479 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 6.5 MEDIUM | 7.2 HIGH |
| A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25478 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 6.5 MEDIUM | 7.2 HIGH |
| A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25487 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 4.6 MEDIUM | 7.8 HIGH |
| Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. | |||||
| CVE-2021-25493 | 1 Samsung | 1 Notes | 2021-10-13 | 3.6 LOW | 7.1 HIGH |
| Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read | |||||
| CVE-2021-25465 | 1 Samsung | 1 Themes | 2021-09-22 | 4.4 MEDIUM | 7.0 HIGH |
| An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack. | |||||
| CVE-2021-25407 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2021-09-21 | 4.6 MEDIUM | 7.8 HIGH |
| A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. | |||||
| CVE-2021-22684 | 1 Samsung | 1 Tizenrt | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
| Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash | |||||
| CVE-2019-20564 | 1 Samsung | 2 Note9, S9 | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with any (before October 2019 for S9 or Note9) software. Attackers can manipulate the IMEI. The Samsung ID is SVE-2019-15435 (October 2019). | |||||
| CVE-2021-25399 | 1 Samsung | 1 Smart Manager | 2021-06-21 | 3.6 LOW | 7.1 HIGH |
| Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege. | |||||
| CVE-2021-25424 | 1 Samsung | 18 Galaxy Watch, Galaxy Watch 3, Galaxy Watch 3 Firmware and 15 more | 2021-06-17 | 5.8 MEDIUM | 8.8 HIGH |
| Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness. | |||||
| CVE-2021-25418 | 1 Samsung | 1 Internet | 2021-06-16 | 4.4 MEDIUM | 7.8 HIGH |
| Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition. | |||||
| CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2021-06-16 | 4.6 MEDIUM | 7.8 HIGH |
| A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-3438 | 2 Hp, Samsung | 382 Color Laser 150 4zb94a, Color Laser 150 4zb95a, Color Laser Mfp 170 4zb96a and 379 more | 2021-06-08 | 4.6 MEDIUM | 7.8 HIGH |
| A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege. | |||||
| CVE-2021-25380 | 1 Samsung | 1 Bixby | 2021-04-23 | 7.5 HIGH | 7.3 HIGH |
| Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user. | |||||
| CVE-2021-25377 | 2 Google, Samsung | 2 Android, Experience Service | 2021-04-21 | 4.6 MEDIUM | 7.8 HIGH |
| Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action. | |||||
| CVE-2021-25373 | 2 Google, Samsung | 2 Android, Customization Service | 2021-04-21 | 4.6 MEDIUM | 7.8 HIGH |
| Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25381 | 2 Google, Samsung | 2 Android, Account | 2021-04-19 | 4.6 MEDIUM | 7.8 HIGH |
| Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25353 | 1 Samsung | 1 Galaxy Themes | 2021-04-01 | 3.6 LOW | 7.1 HIGH |
| Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25349 | 2 Google, Samsung | 2 Android, Slow Motion Editor | 2021-04-01 | 4.6 MEDIUM | 7.8 HIGH |
| Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25352 | 1 Samsung | 1 Bixby Voice | 2021-03-31 | 4.6 MEDIUM | 7.8 HIGH |
| Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent. | |||||
| CVE-2021-25355 | 1 Samsung | 1 Notes | 2021-03-30 | 4.6 MEDIUM | 7.8 HIGH |
| Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | |||||
| CVE-2021-25368 | 1 Samsung | 1 Cloud | 2021-03-30 | 5.0 MEDIUM | 7.5 HIGH |
| Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed. | |||||
| CVE-2020-35693 | 2 Google, Samsung | 8 Android, Galaxy A3, Galaxy Note 4 and 5 more | 2020-12-31 | 5.4 MEDIUM | 8.8 HIGH |
| On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on, and it is running an app that offers a connectable BLE advertisement. An example of such an app could be a Bluetooth-based contact tracing app, such as Australia's COVIDSafe app, Singapore's TraceTogether app, or France's TousAntiCovid (formerly StopCovid). As part of the pairing process, two pieces (among others) of personally identifiable information are exchanged: the Identity Address of the Bluetooth adapter of the target device, and its associated Identity Resolving Key (IRK). Either one of these identifiers can be used to perform re-identification of the target device for long term tracking. The list of affected devices includes (but is not limited to): Galaxy Note 5, Galaxy S6 Edge, Galaxy A3, Tab A (2017), J2 Pro (2018), Galaxy Note 4, and Galaxy S5. | |||||
| CVE-2020-28341 | 2 Google, Samsung | 2 Android, Exynos 990 | 2020-11-10 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. The S3K250AF Secure Element CC EAL 5+ chip allows attackers to execute arbitrary code and obtain sensitive information via a buffer overflow. The Samsung ID is SVE-2020-18632 (November 2020). | |||||
| CVE-2020-28343 | 2 Google, Samsung | 4 Android, Exynos 980, Exynos 9820 and 1 more | 2020-11-10 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020). | |||||
| CVE-2019-19273 | 2 Google, Samsung | 5 Android, Exynos 8895, Galaxy Note8 and 2 more | 2020-11-10 | 7.2 HIGH | 7.8 HIGH |
| On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265. | |||||
| CVE-2020-7811 | 2 Microsoft, Samsung | 2 Windows, Update | 2020-10-19 | 4.6 MEDIUM | 7.8 HIGH |
| Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows privilege escalation as commands crafted by attacker are executed while the engine deserializes the data received during inter-process communication | |||||
| CVE-2019-6740 | 1 Samsung | 2 Galaxy S9, Galaxy S9 Firmware | 2020-10-06 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ASN.1 parser. When parsing ASN.1 strings, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7472. | |||||
| CVE-2020-25056 | 2 Google, Samsung | 2 Android, Galaxy S20 | 2020-09-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy S20) software. Because HAL improperly checks versions, bootloading by the S.LSI NFC chipset is mishandled. The Samsung ID is SVE-2020-16169 (August 2020). | |||||
| CVE-2019-15454 | 1 Samsung | 2 Galaxy J4, Galaxy J4 Firmware | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| The Samsung J4 Android device with a build fingerprint of samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBU2ARL4:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | |||||
| CVE-2019-15463 | 1 Samsung | 2 Galaxy J7 Prime, Galaxy J7 Prime Firmware | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| The Samsung j7popeltemtr Android device with a build fingerprint of samsung/j7popeltemtr/j7popeltemtr:8.1.0/M1AJQ/J727T1UVS5BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | |||||
| CVE-2019-15451 | 1 Samsung | 2 Galaxy J3, Galaxy J3 Firmware | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| The Samsung J3 Android device with a build fingerprint of samsung/j3y17ltedx/j3y17lte:8.0.0/R16NW/J330GDXS3BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=6010000, versionName=6.1.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | |||||
| CVE-2019-15465 | 1 Samsung | 2 Galaxy J7 Pro, Galaxy J7 Pro Firmware | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | |||||
| CVE-2019-15447 | 1 Samsung | 2 Galaxy S7 Edge, Galaxy S7 Edge Firmware | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| The Samsung S7 Edge Android device with a build fingerprint of samsung/hero2ltexx/hero2lte:8.0.0/R16NW/G935FXXS4ESC3:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app. | |||||