Filtered by vendor Samsung
Subscriptions
Total
1494 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-0634 | 1 Samsung | 1 Rlottie | 2026-01-22 | 9.8 Critical |
| Use After Free vulnerability in Samsung Open Source rLottie allows Remote Code Inclusion.This issue affects rLottie: V0.2. | ||||
| CVE-2025-20936 | 1 Samsung | 1 Android | 2026-01-22 | 8.8 High |
| Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root. | ||||
| CVE-2025-20997 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | 6.2 Medium |
| Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch. | ||||
| CVE-2025-20998 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-20 | 5.5 Medium |
| Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number. | ||||
| CVE-2025-21004 | 2 Samsung, Samsung Mobile | 12 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 9 more | 2026-01-20 | 6.2 Medium |
| Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device. | ||||
| CVE-2026-20976 | 1 Samsung | 1 Galaxy Store | 2026-01-15 | 7.8 High |
| Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script. | ||||
| CVE-2026-20975 | 1 Samsung | 1 Cloud | 2026-01-15 | 5.5 Medium |
| Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path. | ||||
| CVE-2026-20969 | 1 Samsung | 2 Android, Mobile Devices | 2026-01-15 | 5.5 Medium |
| Improper input validation in SecSettings prior to SMR Jan-2026 Release 1 allows local attacker to access file with system privilege. User interaction is required for triggering this vulnerability. | ||||
| CVE-2026-20972 | 2 Google, Samsung | 4 Android, Android, Mobile and 1 more | 2026-01-15 | 3.3 Low |
| Improper Export of Android Application Components in UwbTest prior to SMR Jan-2026 Release 1 allows local attackers to enable UWB. | ||||
| CVE-2026-20971 | 1 Samsung | 3 Android, Mobile, Mobile Devices | 2026-01-15 | 7.8 High |
| Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local attackers to potentially execute arbitrary code. | ||||
| CVE-2026-20970 | 1 Samsung | 3 Android, Mobile, Mobile Devices | 2026-01-15 | 7.8 High |
| Improper access control in SLocation prior to SMR Jan-2026 Release 1 allows local attackers to execute the privileged APIs. | ||||
| CVE-2026-20968 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2026-01-15 | 6.7 Medium |
| Use after free in DualDAR prior to SMR Jan-2026 Release 1 allows local privileged attackers to execute arbitrary code. | ||||
| CVE-2025-20956 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-01-15 | 4.3 Medium |
| Improper export of android application components in Settings in Galaxy Watch prior to SMR May-2025 Release 1 allows physical attackers to access developer settings. | ||||
| CVE-2021-25372 | 1 Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2026-01-14 | 6.1 Medium |
| An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | ||||
| CVE-2021-25370 | 1 Samsung | 1 Android | 2026-01-14 | 6.1 Medium |
| An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. | ||||
| CVE-2024-20887 | 1 Samsung | 1 Galaxy Buds Manager | 2026-01-14 | 6.2 Medium |
| Arbitrary directory creation in GalaxyBudsManager PC prior to version 2.1.240315.51 allows attacker to create arbitrary directory. | ||||
| CVE-2026-20973 | 1 Samsung | 1 Mobile Devices | 2026-01-13 | 5.3 Medium |
| Out-of-bounds read in libimagecodec.quram.so prior to SMR Jan-2026 Release 1 allows remote attacker to access out-of-bounds memory. | ||||
| CVE-2026-20974 | 1 Samsung | 1 Mobile Devices | 2026-01-13 | N/A |
| Improper input validation in data related to network restrictions prior to SMR Jan-2026 Release 1 allows physical attackers to bypass Carrier Relock. | ||||
| CVE-2024-20851 | 1 Samsung | 1 Cloud | 2026-01-12 | 4.4 Medium |
| Improper access control vulnerability in Samsung Data Store prior to version 5.3.00.4 allows local attackers to launch arbitrary activity with Samsung Data Store privilege. | ||||
| CVE-2024-20853 | 1 Samsung | 1 Galaxy Themes | 2026-01-12 | 5.1 Medium |
| Improper verification of intent by broadcast receiver vulnerability in ThemeStore prior to 5.3.05.2 allows local attackers to write arbitrary files to sandbox of ThemeStore. | ||||