← Back

Samsung

samsung

1,508 CVEs • 2,866 products

Products (2,866)

Click to collapse
Toggle
Android
android
451 CVEs
Exynos 1380 Firmware
exynos_1380_firmware
125 CVEs
Exynos 1280 Firmware
exynos_1280_firmware
118 CVEs
Exynos 980 Firmware
exynos_980_firmware
114 CVEs
Exynos 1330 Firmware
exynos_1330_firmware
99 CVEs
Exynos 850 Firmware
exynos_850_firmware
97 CVEs
Exynos 1080 Firmware
exynos_1080_firmware
97 CVEs
Exynos 1480 Firmware
exynos_1480_firmware
90 CVEs
Exynos 2200 Firmware
exynos_2200_firmware
88 CVEs
Exynos W920 Firmware
exynos_w920_firmware
75 CVEs
Exynos 2400 Firmware
exynos_2400_firmware
72 CVEs
Exynos 2100 Firmware
exynos_2100_firmware
65 CVEs
Exynos W930 Firmware
exynos_w930_firmware
65 CVEs
Notes
notes
63 CVEs
Exynos Modem 5300 Firmware
exynos_modem_5300_firmware
51 CVEs
Exynos 990 Firmware
exynos_990_firmware
50 CVEs
Exynos Modem 5123 Firmware
exynos_modem_5123_firmware
49 CVEs
Exynos 9110 Firmware
exynos_9110_firmware
48 CVEs
Exynos W1000 Firmware
exynos_w1000_firmware
44 CVEs
Exynos 1580 Firmware
exynos_1580_firmware
42 CVEs
Sth Eth 250 Firmware
sth-eth-250_firmware
40 CVEs
X14j Firmware
x14j_firmware
36 CVEs
Galaxy Store
galaxy_store
31 CVEs
Exynos 9820 Firmware
exynos_9820_firmware
29 CVEs
Samsung Mobile
samsung_mobile
28 CVEs
Internet
internet
28 CVEs
Account
account
28 CVEs
Magicinfo 9 Server
magicinfo_9_server
23 CVEs
Exynos Auto T5123 Firmware
exynos_auto_t5123_firmware
21 CVEs
Exynos 9825 Firmware
exynos_9825_firmware
21 CVEs
Exynos 2500 Firmware
exynos_2500_firmware
21 CVEs
Escargot
escargot
20 CVEs
Wear Os
wear_os
19 CVEs
Smartthings
smartthings
17 CVEs
Exynos Modem 5400 Firmware
exynos_modem_5400_firmware
15 CVEs
Galaxy S6 Firmware
galaxy_s6_firmware
13 CVEs
Members
members
13 CVEs
Mtower
mtower
13 CVEs
Smart Switch
smart_switch
13 CVEs
Kies
kies
11 CVEs
Health
health
11 CVEs
Exynos 5300 Firmware
exynos_5300_firmware
11 CVEs
Exynos 5123 Firmware
exynos_5123_firmware
11 CVEs
Pass
pass
10 CVEs
Email
email
9 CVEs
Modem 5400 Firmware
modem_5400_firmware
9 CVEs
Modem 5123 Firmware
modem_5123_firmware
9 CVEs
Galaxy S4 Firmware
galaxy_s4_firmware
8 CVEs
Magician
magician
8 CVEs
Syncthru Web Service
syncthru_web_service
8 CVEs
Cloud
cloud
8 CVEs
Gallery
gallery
8 CVEs
Blockchain Keystore
blockchain_keystore
8 CVEs
One
one
8 CVEs
Series 5 Chromebook
series_5_chromebook
7 CVEs
Galaxy Watch Plugin
galaxy_watch_plugin
6 CVEs
Camera
camera
6 CVEs
Flow
flow
6 CVEs
Samsung Blockchain Keystore
samsung_blockchain_keystore
6 CVEs
Data Management Server Firmware
data_management_server_firmware
6 CVEs
Galaxy Note 3 Firmware
galaxy_note_3_firmware
5 CVEs
Samsung Email
samsung_email
5 CVEs
Gear 2 Firmware
gear_2_firmware
5 CVEs
Gear S Firmware
gear_s_firmware
5 CVEs
Gear S2 Firmware
gear_s2_firmware
5 CVEs
Gear S3 Firmware
gear_s3_firmware
5 CVEs
Tizenrt
tizenrt
5 CVEs
Group Sharing
group_sharing
5 CVEs
Samsung Pass
samsung_pass
5 CVEs
Smart Switch Pc
smart_switch_pc
5 CVEs
Find My Mobile
find_my_mobile
5 CVEs
Quick Share
quick_share
5 CVEs
Calendar
calendar
5 CVEs
Modem 5300 Firmware
modem_5300_firmware
5 CVEs
Net I Viewer
net-i_viewer
4 CVEs
Smartviewer
smartviewer
4 CVEs
Knox
knox
4 CVEs
Galaxy S6 Edge Firmware
galaxy_s6_edge_firmware
4 CVEs
Galaxy Apps
galaxy_apps
4 CVEs
X7400gx Firmware
x7400gx_firmware
4 CVEs
Galaxy S3 Firmware
galaxy_s3_firmware
4 CVEs
Galaxy J7 Neo Firmware
galaxy_j7_neo_firmware
4 CVEs
Galaxy Gear Firmware
galaxy_gear_firmware
4 CVEs
Gear Live Firmware
gear_live_firmware
4 CVEs
Gear Sport Firmware
gear_sport_firmware
4 CVEs
Gear Fit Firmware
gear_fit_firmware
4 CVEs
Gear Fit 2 Firmware
gear_fit_2_firmware
4 CVEs
Gear Fit 2 Pro Firmware
gear_fit_2_pro_firmware
4 CVEs
Exynos
exynos
4 CVEs
Samsung Flow
samsung_flow
4 CVEs
Samsung Pay
samsung_pay
4 CVEs
Exynos Firmware
exynos_firmware
4 CVEs
Myfiles
myfiles
4 CVEs
Exynos 9810 Firmware
exynos_9810_firmware
4 CVEs
Exynos 9610 Firmware
exynos_9610_firmware
4 CVEs
Sassistant
sassistant
4 CVEs
Voice Recorder
voice_recorder
4 CVEs
Assistant
assistant
4 CVEs
Rlottie
rlottie
4 CVEs
Smart Viewer
smart_viewer
3 CVEs

CVEs (1,508)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-25522
1Samsung
1Smart Capture
Nov 21, 2024
Dec 8, 2021
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission.
CVE-2021-25521
1Samsung
1Internet
Nov 21, 2024
Dec 8, 2021
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.
CVE-2021-25520
1Samsung
1Internet
Nov 21, 2024
Dec 8, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet.
CVE-2021-42114
3Micron
SamsungSkhynix
6Ddr4 Sdram Firmware
Ddr4 Sdram FirmwareDdr4 Sdram Firmware+3 more
Nov 21, 2024
Nov 16, 2021
N/A· v4
8.3 HIGH· v3
7.9 HIGH· v2
Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their internal Target Row Refresh (TRR) mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressor...Show more
Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their internal Target Row Refresh (TRR) mitigation against Rowhammer attacks. Novel non-uniform Rowhammer access patterns, consisting of aggressors with different frequencies, phases, and amplitudes allow triggering bit flips on affected memory modules using our Blacksmith fuzzer. The patterns generated by Blacksmith were able to trigger bitflips on all 40 PC-DDR4 DRAM devices in our test pool, which cover the three major DRAM manufacturers: Samsung, SK Hynix, and Micron. This means that, even when chips advertised as Rowhammer-free are used, attackers may still be able to exploit Rowhammer. For example, this enables privilege-escalation attacks against the kernel or binaries such as the sudo binary, and also triggering bit flips in RSA-2048 keys (e.g., SSH keys) to gain cross-tenant virtual-machine access. We can confirm that DRAM devices acquired in July 2020 with DRAM chips from all three major DRAM vendors (Samsung, SK Hynix, Micron) are affected by this vulnerability. For more details, please refer to our publication.Show less
CVE-2021-25509
1Samsung
1Samsung Flow
Nov 21, 2024
Nov 5, 2021
N/A· v4
7.1 HIGH· v3
3.6 LOW· v2
A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders.
CVE-2021-25508
1Samsung
1Smartthings
Nov 21, 2024
Nov 5, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.
CVE-2021-25507
1Samsung
1Samsung Flow
Nov 21, 2024
Nov 5, 2021
N/A· v4
5.7 MEDIUM· v3
2.7 LOW· v2
Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authori...Show more
Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization.Show less
CVE-2021-25506
1Samsung
1Health
Nov 21, 2024
Nov 5, 2021
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service.
CVE-2021-25505
1Samsung
1Samsung Pass
Nov 21, 2024
Nov 5, 2021
N/A· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked.
CVE-2021-25504
1Samsung
1Group Sharing
Nov 21, 2024
Nov 5, 2021
N/A· v4
4.0 MEDIUM· v3
2.1 LOW· v2
Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information.
CVE-2021-25499
1Samsung
1Galaxy Store
Nov 21, 2024
Oct 6, 2021
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store.
CVE-2021-25498
1Samsung
1Notes
Nov 21, 2024
Oct 6, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
CVE-2021-25497
1Samsung
1Notes
Nov 21, 2024
Oct 6, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
CVE-2021-25496
1Samsung
1Notes
Nov 21, 2024
Oct 6, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
CVE-2021-25495
1Samsung
1Notes
Nov 21, 2024
Oct 6, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.
CVE-2021-25494
1Samsung
1Notes
Nov 21, 2024
Oct 6, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.
CVE-2021-25493
1Samsung
1Notes
Nov 21, 2024
Oct 6, 2021
N/A· v4
7.1 HIGH· v3
3.6 LOW· v2
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read
CVE-2021-25492
1Samsung
1Notes
Nov 21, 2024
Oct 6, 2021
N/A· v4
7.1 HIGH· v3
3.6 LOW· v2
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read.
CVE-2021-25489
1Samsung
1Android
Oct 30, 2025
Oct 6, 2021
N/A· v4
5.5 MEDIUM· v3
4.9 MEDIUM· v2
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.
CVE-2021-25487
1Samsung
1Android
Oct 30, 2025
Oct 6, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.