Filtered by vendor Samsung
Subscriptions
Total
1551 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58341 | 1 Samsung | 25 Exynos, Exynos 1080, Exynos 1080 Firmware and 22 more | 2026-02-05 | 6.2 Medium |
| An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/ap_cert_disable_ht_vht write operation, leading to kernel memory exhaustion. | ||||
| CVE-2025-58342 | 1 Samsung | 25 Exynos, Exynos 1080, Exynos 1080 Firmware and 22 more | 2026-02-05 | 6.2 Medium |
| An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/uapsd write operation, leading to kernel memory exhaustion. | ||||
| CVE-2025-58344 | 1 Samsung | 25 Exynos, Exynos 1080, Exynos 1080 Firmware and 22 more | 2026-02-05 | 6.2 Medium |
| An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation in a /proc/driver/unifi0/conn_log_event_burst_to_us write operation, leading to kernel memory exhaustion. | ||||
| CVE-2025-59439 | 1 Samsung | 19 Exynos, Exynos 1080, Exynos 1080 Firmware and 16 more | 2026-02-05 | 7.5 High |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor and Modem Exynos 980, 990, 850, 1080, 9110, W920, W930, W1000 and Modem 5123. Incorrect handling of NAS Registration messages leads to a Denial of Service because of Improper Handling of Exceptional Conditions. | ||||
| CVE-2025-20941 | 1 Samsung | 1 Android | 2026-02-05 | 6.2 Medium |
| Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access the scancode of specific input device. | ||||
| CVE-2025-20942 | 1 Samsung | 1 Android | 2026-02-05 | 4.4 Medium |
| Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Release 1 allows local attackers to reset OAID. | ||||
| CVE-2025-20943 | 1 Samsung | 1 Android | 2026-02-05 | 6.4 Medium |
| Out-of-bounds write in secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to cause memory corruption. | ||||
| CVE-2025-20944 | 1 Samsung | 1 Android | 2026-02-05 | 6.2 Medium |
| Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows local attackers to read out-of-bounds memory. | ||||
| CVE-2025-20947 | 1 Samsung | 1 Android | 2026-02-05 | 5.5 Medium |
| Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is required for triggering this vulnerability. | ||||
| CVE-2025-20948 | 1 Samsung | 1 Android | 2026-02-05 | 5.5 Medium |
| Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory. | ||||
| CVE-2025-20938 | 1 Samsung | 1 Android | 2026-02-05 | 5.5 Medium |
| Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts. | ||||
| CVE-2026-20984 | 2 Samsung, Samsung Mobile | 2 Galaxy Wearable, Galaxy Wearable | 2026-02-04 | N/A |
| Improper handling of insufficient permission in Galaxy Wearable installed on non-Samsung Device prior to version 2.2.68 allows local attackers to access sensitive information. | ||||
| CVE-2025-20952 | 1 Samsung | 1 Android | 2026-02-02 | 5.5 Medium |
| Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege. | ||||
| CVE-2026-20974 | 1 Samsung | 2 Android, Mobile Devices | 2026-02-02 | 4.6 Medium |
| Improper input validation in data related to network restrictions prior to SMR Jan-2026 Release 1 allows physical attackers to bypass Carrier Relock. | ||||
| CVE-2026-20973 | 1 Samsung | 2 Android, Mobile Devices | 2026-02-02 | 5.3 Medium |
| Out-of-bounds read in libimagecodec.quram.so prior to SMR Jan-2026 Release 1 allows remote attacker to access out-of-bounds memory. | ||||
| CVE-2025-20984 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 6.8 Medium |
| Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch. | ||||
| CVE-2025-20986 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 5.5 Medium |
| Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots. | ||||
| CVE-2025-20911 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 4.4 Medium |
| Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch. | ||||
| CVE-2024-49422 | 1 Samsung | 1 Android | 2026-02-02 | 5.2 Medium |
| Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability. | ||||
| CVE-2025-20966 | 1 Samsung | 2 Android, Gallery | 2026-01-30 | 4.6 Medium |
| Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows physical attackers to access data across multiple user profiles. | ||||