Samsung

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-25381 1Samsung 1Account Nov 21, 2024 Apr 9, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijac...Show more Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.Show less
CVE-2021-25380 1Samsung 1Bixby Nov 21, 2024 Apr 9, 2021 N/A· v4 7.3 HIGH· v3 7.5 HIGH· v2 Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user.
CVE-2021-25379 1Samsung 1Gallery Nov 21, 2024 Apr 9, 2021 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action.
CVE-2021-25378 1Samsung 1Smartthings Nov 21, 2024 Apr 9, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service.
CVE-2021-25377 1Samsung 1Experience Service Nov 21, 2024 Apr 9, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action.
CVE-2021-25376 1Samsung 1Email Nov 21, 2024 Apr 9, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed.
CVE-2021-25375 1Samsung 1Email Nov 21, 2024 Apr 9, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment.
CVE-2021-25374 1Samsung 1Members Nov 21, 2024 Apr 9, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access...Show more An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.Show less
CVE-2021-25373 1Samsung 1Customization Service Nov 21, 2024 Apr 9, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform u...Show more Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.Show less
CVE-2021-25372 1Samsung 1Android Jan 14, 2026 Mar 26, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.
CVE-2021-25371 1Samsung 1Android Oct 30, 2025 Mar 26, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.
CVE-2021-25370 1Samsung 1Android Jan 14, 2026 Mar 26, 2021 N/A· v4 4.4 MEDIUM· v3 4.9 MEDIUM· v2 An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic.
CVE-2021-25369 1Samsung 1Android Oct 30, 2025 Mar 26, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace.
CVE-2021-25368 1Samsung 1Cloud Nov 21, 2024 Mar 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed.
CVE-2021-25367 1Samsung 1Notes Nov 21, 2024 Mar 25, 2021 N/A· v4 5.4 MEDIUM· v3 5.5 MEDIUM· v2 Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.
CVE-2021-25366 1Samsung 1Internet Nov 21, 2024 Mar 25, 2021 N/A· v4 2.9 LOW· v3 3.6 LOW· v2 Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.
CVE-2021-25355 1Samsung 1Notes Nov 21, 2024 Mar 25, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
CVE-2021-25354 1Samsung 1Internet Nov 21, 2024 Mar 25, 2021 N/A· v4 5.3 MEDIUM· v3 6.8 MEDIUM· v2 Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.
CVE-2021-25353 1Samsung 1Galaxy Themes Nov 21, 2024 Mar 25, 2021 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent.
CVE-2021-25352 1Samsung 1Bixby Voice Nov 21, 2024 Mar 25, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent.

Previous 1...606162...76 Next