Filtered by vendor Samsung
Subscriptions
Total
1551 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21010 | 1 Samsung | 2 Android, Samsung Account App | 2025-08-12 | 6 Medium |
| Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account. | ||||
| CVE-2025-20990 | 1 Samsung | 4 Android, Mobile, Samsung Mobile and 1 more | 2025-08-12 | 4 Medium |
| Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier. | ||||
| CVE-2025-53082 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | 6.1 Medium |
| An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete arbitrary files from unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses. | ||||
| CVE-2025-53081 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | 6.4 Medium |
| An 'Arbitrary File Creation' in Samsung DMS(Data Management Server) allows attackers to create arbitrary files in unintended locations on the filesystem. Exploitation is restricted to specific, authorized private IP addresses. | ||||
| CVE-2025-53080 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | 7.1 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS(Data Management Server) allows authenticated attackers to create arbitrary files in unintended locations on the filesystem | ||||
| CVE-2025-53079 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | 4.9 Medium |
| Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files | ||||
| CVE-2025-53078 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | 8 High |
| Deserialization of Untrusted Data in Samsung DMS(Data Management Server) allows attackers to execute arbitrary code via write file to system | ||||
| CVE-2025-53077 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | 6.5 Medium |
| An execution after redirect in Samsung DMS(Data Management Server) allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing this vulnerability. | ||||
| CVE-2025-21023 | 1 Samsung | 1 Galaxy Watch | 2025-08-06 | 3.3 Low |
| Improper access control in WcsExtension for Galaxy Watch prior to Android Watch 16 allows local attackers to access sensitive information. | ||||
| CVE-2025-21011 | 2 Samsung, Samsung Mobile | 3 Galaxy Watch, Samsung Mobile Devices, Samsung Mobile Devices | 2025-08-06 | 5.5 Medium |
| Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors. | ||||
| CVE-2025-21013 | 2 Samsung, Samsung Mobile | 3 Galaxy Watch, Samsung Mobile Devices, Samsung Mobile Devices | 2025-08-06 | 6.2 Medium |
| Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time. | ||||
| CVE-2025-21016 | 2 Samsung, Samsung Mobile | 2 Samsung Mobile Devices, Samsung Mobile Devices | 2025-08-06 | 4.3 Medium |
| Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs. | ||||
| CVE-2025-21012 | 2 Samsung, Samsung Mobile | 2 Samsung Mobile Devices, Samsung Mobile Devices | 2025-08-06 | 5.5 Medium |
| Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration. | ||||
| CVE-2025-54452 | 2 Samsung, Samsung Electronics | 2 Magicinfo 9 Server, Magicinfo 9 Server | 2025-07-28 | 7.3 High |
| Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows Authentication Bypass.This issue affects MagicINFO 9 Server: less than 21.1080.0. | ||||
| CVE-2025-20965 | 1 Samsung | 1 Bixby | 2025-07-18 | 6.2 Medium |
| Improper handling of insufficient permission in Bixby wakeup prior to version 2.3.74.8 allows local attackers to access sensitive data. | ||||
| CVE-2025-20896 | 1 Samsung | 1 Easysetup | 2025-07-17 | 4 Medium |
| Use of implicit intent for sensitive communication in EasySetup prior to version 11.1.18 allows local attackers to access sensitive information. | ||||
| CVE-2025-20895 | 1 Samsung | 1 Galaxy Store | 2025-07-17 | 3.2 Low |
| Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard. | ||||
| CVE-2024-20870 | 1 Samsung | 1 Galaxy Store | 2025-07-17 | 5.1 Medium |
| Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy Store. | ||||
| CVE-2024-20869 | 1 Samsung | 1 Internet | 2025-07-17 | 5.5 Medium |
| Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies. | ||||
| CVE-2025-20950 | 1 Samsung | 1 Notes | 2025-07-17 | 4 Medium |
| Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information. | ||||