Filtered by vendor Samsung
Subscriptions
Filtered by product Samsung Mobile
Subscriptions
Total
58 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-21472 | 1 Samsung | 4 Android, Exynos, Mobile and 1 more | 2025-09-05 | 6.8 Medium |
| Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader. | ||||
| CVE-2023-21473 | 1 Samsung | 4 Android, Exynos, Mobile and 1 more | 2025-09-05 | 6.8 Medium |
| Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader. | ||||
| CVE-2023-21475 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2025-09-05 | 8 High |
| Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2023-21476 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2025-09-05 | 8 High |
| Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2024-34598 | 1 Samsung | 3 Goodlock, Mobile, Samsung Mobile | 2025-09-05 | 7.7 High |
| Improper export of component in GoodLock prior to version 2.2.04.95 allows local attackers to install arbitrary applications from Galaxy Store. | ||||
| CVE-2022-39888 | 1 Samsung | 3 Mobile, Samsung Mobile, Samsung Mobile Devices | 2025-09-05 | 4.3 Medium |
| Improper access control vulnerability in retrieveExternalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to access to Proxy information. | ||||
| CVE-2023-21479 | 2 Google, Samsung | 4 Android, Mobile, Samsung Mobile and 1 more | 2025-09-04 | 5.3 Medium |
| Improper authorization in Smart suggestions prior to SMR Apr-2023 Release 1 in Android 13 and 4.1.01.0 in Android 12 allows remote attackers to register a schedule. | ||||
| CVE-2025-21030 | 2 Google, Samsung | 3 Android, Mobile, Samsung Mobile | 2025-09-04 | 4.3 Medium |
| Improper handling of insufficient permission in AppPrelaunchManagerService prior to SMR Sep-2025 Release 1 in Chinese Android 15 allows local attackers to execute arbitrary application in the background. | ||||
| CVE-2023-21477 | 1 Samsung | 2 Mobile, Samsung Mobile | 2025-09-04 | 7.9 High |
| Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data. | ||||
| CVE-2025-20990 | 1 Samsung | 4 Android, Mobile, Samsung Mobile and 1 more | 2025-08-12 | 4 Medium |
| Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier. | ||||
| CVE-2015-7898 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2025-04-20 | N/A |
| Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | ||||
| CVE-2016-6527 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
| The SmartCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | ||||
| CVE-2015-7895 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2025-04-20 | N/A |
| Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | ||||
| CVE-2016-6526 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
| The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. | ||||
| CVE-2015-7891 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
| Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598. | ||||
| CVE-2016-4038 | 1 Samsung | 4 Apq8084, Msm8974, Msm8974pro and 1 more | 2025-04-20 | N/A |
| Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value. | ||||
| CVE-2016-4546 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
| Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call. | ||||
| CVE-2016-4547 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
| Samsung devices with Android KK(4.4), L(5.0/5.1), or M(6.0) allow attackers to cause a denial of service (system crash) via a crafted system call to TvoutService_C. | ||||
| CVE-2017-5351 | 1 Samsung | 1 Samsung Mobile | 2025-04-20 | N/A |
| Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650. | ||||
| CVE-2015-7896 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2025-04-20 | N/A |
| LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. | ||||