Filtered by vendor Samsung
Subscribe
Total
932 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-25371 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. | |||||
CVE-2020-26146 | 3 Arista, Samsung, Siemens | 38 C-100, C-100 Firmware, C-110 and 35 more | 2023-12-10 | 2.9 LOW | 5.3 MEDIUM |
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design. | |||||
CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | |||||
CVE-2021-25406 | 1 Samsung | 1 Gear S | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
Information exposure vulnerability in Gear S Plugin prior to version 2.2.05.20122441 allows unstrusted applications to access connected BT device information. | |||||
CVE-2021-25447 | 1 Samsung | 2 Smartthings, Smartthings Firmware | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview. | |||||
CVE-2021-25366 | 1 Samsung | 1 Internet | 2023-12-10 | 3.6 LOW | 2.9 LOW |
Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication. | |||||
CVE-2021-25442 | 1 Samsung | 1 Knox Cloud Services | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication. | |||||
CVE-2021-25448 | 1 Samsung | 1 Smart Touch Call | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview. | |||||
CVE-2021-25419 | 1 Samsung | 1 Internet | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link. | |||||
CVE-2021-25445 | 1 Samsung | 1 Internet | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet. | |||||
CVE-2021-25407 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. | |||||
CVE-2021-3438 | 2 Hp, Samsung | 382 Color Laser 150 4zb94a, Color Laser 150 4zb95a, Color Laser Mfp 170 4zb96a and 379 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege. | |||||
CVE-2021-25399 | 1 Samsung | 1 Smart Manager | 2023-12-10 | 3.6 LOW | 7.1 HIGH |
Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege. | |||||
CVE-2021-25405 | 1 Samsung | 1 Notes | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files. | |||||
CVE-2021-25375 | 1 Samsung | 1 Email | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment. | |||||
CVE-2021-25425 | 1 Samsung | 1 Health | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
Improper check vulnerability in Samsung Health prior to version 6.17 allows attacker to read internal cache data via exported component. | |||||
CVE-2021-25421 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log. | |||||
CVE-2020-26145 | 2 Samsung, Siemens | 26 Galaxy I9305, Galaxy I9305 Firmware, 6gk5763-1al00-3aa0 and 23 more | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration. | |||||
CVE-2021-25380 | 1 Samsung | 1 Bixby | 2023-12-10 | 7.5 HIGH | 7.3 HIGH |
Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user. | |||||
CVE-2021-25411 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory. |