← Back

Samsung

samsung

1,508 CVEs • 2,866 products

Products (2,866)

Click to collapse
Toggle
Android
android
451 CVEs
Exynos 1380 Firmware
exynos_1380_firmware
125 CVEs
Exynos 1280 Firmware
exynos_1280_firmware
118 CVEs
Exynos 980 Firmware
exynos_980_firmware
114 CVEs
Exynos 1330 Firmware
exynos_1330_firmware
99 CVEs
Exynos 850 Firmware
exynos_850_firmware
97 CVEs
Exynos 1080 Firmware
exynos_1080_firmware
97 CVEs
Exynos 1480 Firmware
exynos_1480_firmware
90 CVEs
Exynos 2200 Firmware
exynos_2200_firmware
88 CVEs
Exynos W920 Firmware
exynos_w920_firmware
75 CVEs
Exynos 2400 Firmware
exynos_2400_firmware
72 CVEs
Exynos 2100 Firmware
exynos_2100_firmware
65 CVEs
Exynos W930 Firmware
exynos_w930_firmware
65 CVEs
Notes
notes
63 CVEs
Exynos Modem 5300 Firmware
exynos_modem_5300_firmware
51 CVEs
Exynos 990 Firmware
exynos_990_firmware
50 CVEs
Exynos Modem 5123 Firmware
exynos_modem_5123_firmware
49 CVEs
Exynos 9110 Firmware
exynos_9110_firmware
48 CVEs
Exynos W1000 Firmware
exynos_w1000_firmware
44 CVEs
Exynos 1580 Firmware
exynos_1580_firmware
42 CVEs
Sth Eth 250 Firmware
sth-eth-250_firmware
40 CVEs
X14j Firmware
x14j_firmware
36 CVEs
Galaxy Store
galaxy_store
31 CVEs
Exynos 9820 Firmware
exynos_9820_firmware
29 CVEs
Samsung Mobile
samsung_mobile
28 CVEs
Internet
internet
28 CVEs
Account
account
28 CVEs
Magicinfo 9 Server
magicinfo_9_server
23 CVEs
Exynos Auto T5123 Firmware
exynos_auto_t5123_firmware
21 CVEs
Exynos 9825 Firmware
exynos_9825_firmware
21 CVEs
Exynos 2500 Firmware
exynos_2500_firmware
21 CVEs
Escargot
escargot
20 CVEs
Wear Os
wear_os
19 CVEs
Smartthings
smartthings
17 CVEs
Exynos Modem 5400 Firmware
exynos_modem_5400_firmware
15 CVEs
Galaxy S6 Firmware
galaxy_s6_firmware
13 CVEs
Members
members
13 CVEs
Mtower
mtower
13 CVEs
Smart Switch
smart_switch
13 CVEs
Kies
kies
11 CVEs
Health
health
11 CVEs
Exynos 5300 Firmware
exynos_5300_firmware
11 CVEs
Exynos 5123 Firmware
exynos_5123_firmware
11 CVEs
Pass
pass
10 CVEs
Email
email
9 CVEs
Modem 5400 Firmware
modem_5400_firmware
9 CVEs
Modem 5123 Firmware
modem_5123_firmware
9 CVEs
Galaxy S4 Firmware
galaxy_s4_firmware
8 CVEs
Magician
magician
8 CVEs
Syncthru Web Service
syncthru_web_service
8 CVEs
Cloud
cloud
8 CVEs
Gallery
gallery
8 CVEs
Blockchain Keystore
blockchain_keystore
8 CVEs
One
one
8 CVEs
Series 5 Chromebook
series_5_chromebook
7 CVEs
Galaxy Watch Plugin
galaxy_watch_plugin
6 CVEs
Camera
camera
6 CVEs
Flow
flow
6 CVEs
Samsung Blockchain Keystore
samsung_blockchain_keystore
6 CVEs
Data Management Server Firmware
data_management_server_firmware
6 CVEs
Galaxy Note 3 Firmware
galaxy_note_3_firmware
5 CVEs
Samsung Email
samsung_email
5 CVEs
Gear 2 Firmware
gear_2_firmware
5 CVEs
Gear S Firmware
gear_s_firmware
5 CVEs
Gear S2 Firmware
gear_s2_firmware
5 CVEs
Gear S3 Firmware
gear_s3_firmware
5 CVEs
Tizenrt
tizenrt
5 CVEs
Group Sharing
group_sharing
5 CVEs
Samsung Pass
samsung_pass
5 CVEs
Smart Switch Pc
smart_switch_pc
5 CVEs
Find My Mobile
find_my_mobile
5 CVEs
Quick Share
quick_share
5 CVEs
Calendar
calendar
5 CVEs
Modem 5300 Firmware
modem_5300_firmware
5 CVEs
Net I Viewer
net-i_viewer
4 CVEs
Smartviewer
smartviewer
4 CVEs
Knox
knox
4 CVEs
Galaxy S6 Edge Firmware
galaxy_s6_edge_firmware
4 CVEs
Galaxy Apps
galaxy_apps
4 CVEs
X7400gx Firmware
x7400gx_firmware
4 CVEs
Galaxy S3 Firmware
galaxy_s3_firmware
4 CVEs
Galaxy J7 Neo Firmware
galaxy_j7_neo_firmware
4 CVEs
Galaxy Gear Firmware
galaxy_gear_firmware
4 CVEs
Gear Live Firmware
gear_live_firmware
4 CVEs
Gear Sport Firmware
gear_sport_firmware
4 CVEs
Gear Fit Firmware
gear_fit_firmware
4 CVEs
Gear Fit 2 Firmware
gear_fit_2_firmware
4 CVEs
Gear Fit 2 Pro Firmware
gear_fit_2_pro_firmware
4 CVEs
Exynos
exynos
4 CVEs
Samsung Flow
samsung_flow
4 CVEs
Samsung Pay
samsung_pay
4 CVEs
Exynos Firmware
exynos_firmware
4 CVEs
Myfiles
myfiles
4 CVEs
Exynos 9810 Firmware
exynos_9810_firmware
4 CVEs
Exynos 9610 Firmware
exynos_9610_firmware
4 CVEs
Sassistant
sassistant
4 CVEs
Voice Recorder
voice_recorder
4 CVEs
Assistant
assistant
4 CVEs
Rlottie
rlottie
4 CVEs
Smart Viewer
smart_viewer
3 CVEs

CVEs (1,508)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2015-7890
1Samsung
1Galaxy S6 Edge Firmware
Nov 21, 2024
Feb 12, 2020
N/A· v4
5.5 MEDIUM· v3
4.9 MEDIUM· v2
Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer o...Show more
Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter.Show less
CVE-2019-6744
1Samsung
1Knox
Nov 21, 2024
Feb 10, 2020
N/A· v4
4.3 MEDIUM· v3
2.1 LOW· v2
This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. An attacker must first obtain physic...Show more
This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. An attacker must first obtain physical access to the device in order to exploit this vulnerability. The specific flaws exists within the the handling of the lock screen for Secure Folder. The issue results from the lack of proper validation that a user has correctly authenticated. An attacker can leverage this vulnerability to disclose the contents of the secure container. Was ZDI-CAN-7381.Show less
CVE-2019-20451
1Samsung
2Prismview Player 11
Prismview System 9
Nov 21, 2024
Feb 10, 2020
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an...Show more
The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials can be downloaded.)Show less
CVE-2019-19273
2Google
Samsung
2Android
Exynos 8895
Nov 21, 2024
Feb 4, 2020
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265.
CVE-2018-16272
1Samsung
10Galaxy Gear Firmware
Gear 2 FirmwareGear Fit 2 Firmware+7 more
Nov 21, 2024
Jan 22, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based f...Show more
The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.Show less
CVE-2018-16271
1Samsung
10Galaxy Gear Firmware
Gear 2 FirmwareGear Fit 2 Firmware+7 more
Nov 21, 2024
Jan 22, 2020
N/A· v4
6.5 MEDIUM· v3
3.3 LOW· v2
The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. An arb...Show more
The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. An arbitrary email can also be sent from the mailbox via the paired smartphone. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.Show less
CVE-2018-16270
1Samsung
10Galaxy Gear Firmware
Gear 2 FirmwareGear Fit 2 Firmware+7 more
Nov 21, 2024
Jan 22, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path.
CVE-2018-16269
1Samsung
10Galaxy Gear Firmware
Gear 2 FirmwareGear Fit 2 Firmware+7 more
Nov 21, 2024
Jan 22, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects Tizen-based fi...Show more
The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2.Show less
CVE-2012-3810
1Samsung
1Kies
Nov 21, 2024
Jan 9, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Samsung Kies before 2.5.0.12094_27_11 has registry modification.
CVE-2012-3809
1Samsung
1Kies
Nov 21, 2024
Jan 9, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification.
CVE-2012-3808
1Samsung
1Kies
Nov 21, 2024
Jan 9, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification.
CVE-2012-3807
1Samsung
1Kies
Nov 21, 2024
Jan 9, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution.
CVE-2012-3806
1Samsung
1Kies
Nov 21, 2024
Jan 9, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service.
CVE-2013-4764
1Samsung
2Galaxy S3 Firmware
Galaxy S4 Firmware
Nov 21, 2024
Dec 27, 2019
N/A· v4
4.3 MEDIUM· v3
2.1 LOW· v2
Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission.
CVE-2013-4763
1Samsung
2Galaxy S3 Firmware
Galaxy S4 Firmware
Nov 21, 2024
Dec 27, 2019
N/A· v4
4.6 MEDIUM· v3
2.1 LOW· v2
Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission.
CVE-2015-7892
1Samsung
1M2m1shot Driver
Nov 21, 2024
Dec 9, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes...Show more
Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.Show less
CVE-2019-15465
1Samsung
1Galaxy J7 Pro Firmware
Nov 21, 2024
Nov 14, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter...Show more
The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.Show less
CVE-2019-15464
1Samsung
1Galaxy J7 Pro Firmware
Nov 21, 2024
Nov 14, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteub/j7y17lte:8.1.0/M1AJQ/J730GUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter ap...Show more
The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteub/j7y17lte:8.1.0/M1AJQ/J730GUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.Show less
CVE-2019-15463
1Samsung
1Galaxy J7 Prime Firmware
Nov 21, 2024
Nov 14, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
The Samsung j7popeltemtr Android device with a build fingerprint of samsung/j7popeltemtr/j7popeltemtr:8.1.0/M1AJQ/J727T1UVS5BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.t...Show more
The Samsung j7popeltemtr Android device with a build fingerprint of samsung/j7popeltemtr/j7popeltemtr:8.1.0/M1AJQ/J727T1UVS5BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000100, versionName=7.0.1.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.Show less
CVE-2019-15462
1Samsung
1Galaxy J7 Duo Firmware
Nov 21, 2024
Nov 14, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
The Samsung J7 Duo Android device with a build fingerprint of samsung/j7duolteub/j7duolte:8.0.0/R16NW/J720MUBS3ASB2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter ap...Show more
The Samsung J7 Duo Android device with a build fingerprint of samsung/j7duolteub/j7duolte:8.0.0/R16NW/J720MUBS3ASB2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app (versionCode=7000000, versionName=7.0.0.0) that allows other pre-installed apps to perform app installation via an accessible app component. This capability can be accessed by any pre-installed app on the device which can obtain signatureOrSystem permissions that are required by other other pre-installed apps that exported their capabilities to other pre-installed app.Show less