Filtered by vendor Samsung
Subscribe
Total
1495 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-20939 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-27 | N/A | 5.4 MEDIUM |
| Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices. | |||||
| CVE-2025-0634 | 1 Samsung | 1 Rlottie | 2026-01-22 | N/A | 9.8 CRITICAL |
| Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2. | |||||
| CVE-2025-20936 | 1 Samsung | 1 Android | 2026-01-22 | N/A | 8.8 HIGH |
| Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root. | |||||
| CVE-2025-20997 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | N/A | 6.2 MEDIUM |
| Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch. | |||||
| CVE-2025-20998 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | N/A | 5.5 MEDIUM |
| Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number. | |||||
| CVE-2025-21004 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | N/A | 6.2 MEDIUM |
| Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device. | |||||
| CVE-2026-20976 | 1 Samsung | 1 Galaxy Store | 2026-01-15 | N/A | 7.8 HIGH |
| Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script. | |||||
| CVE-2026-20975 | 1 Samsung | 1 Cloud | 2026-01-15 | N/A | 5.5 MEDIUM |
| Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path. | |||||
| CVE-2026-20969 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 5.5 MEDIUM |
| Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability. | |||||
| CVE-2026-20972 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 3.3 LOW |
| Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB. | |||||
| CVE-2026-20971 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 7.8 HIGH |
| Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code. | |||||
| CVE-2026-20970 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 7.8 HIGH |
| Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs. | |||||
| CVE-2026-20968 | 1 Samsung | 1 Android | 2026-01-15 | N/A | 6.7 MEDIUM |
| Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code. | |||||
| CVE-2025-20956 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-15 | N/A | 4.3 MEDIUM |
| Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings. | |||||
| CVE-2021-25372 | 1 Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2026-01-14 | 7.2 HIGH | 6.1 MEDIUM |
| An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | |||||
| CVE-2021-25370 | 1 Samsung | 1 Android | 2026-01-14 | 4.9 MEDIUM | 6.1 MEDIUM |
| An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. | |||||
| CVE-2024-20887 | 1 Samsung | 1 Galaxy Buds Manager | 2026-01-14 | N/A | 6.2 MEDIUM |
| Arbitrary directory creation in GalaxyBudsManager PC prior to version 2.1.240315.51 allows attacker to create arbitrary directory. | |||||
| CVE-2024-20851 | 1 Samsung | 1 Cloud | 2026-01-12 | N/A | 4.4 MEDIUM |
| Improper access control vulnerability in Samsung Data Store prior to version 5.3.00.4 allows local attackers to launch arbitrary activity with Samsung Data Store privilege. | |||||
| CVE-2024-20853 | 1 Samsung | 1 Galaxy Themes | 2026-01-12 | N/A | 5.1 MEDIUM |
| Improper verification of intent by broadcast receiver vulnerability in ThemeStore prior to 5.3.05.2 allows local attackers to write arbitrary files to sandbox of ThemeStore. | |||||
| CVE-2024-34598 | 1 Samsung | 1 Good Lock | 2026-01-12 | N/A | 7.7 HIGH |
| Improper export of component in GoodLock prior to version 2.2.04.95 allows local attackers to install arbitrary applications from Galaxy Store. | |||||