Vulnerabilities in Samsung Mobile
1,316 resultsCVE-2021-25404—Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.EPSS 0.2%CVE-2022-36839MEDIUMSQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows attackers to access IAP information.EPSS 0.2%CVE-2022-22287LOWAbitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox.EPSS 0.2%CVE-2022-27575LOWInformation exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app inforEPSS 0.2%CVE-2021-25421—Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak EPSS 0.2%CVE-2022-39901MEDIUMImproper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption EPSS 0.2%CVE-2021-25456MEDIUMOOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary addresEPSS 0.2%CVE-2024-20828LOWImproper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloEPSS 0.2%CVE-2021-25423—Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak EPSS 0.2%CVE-2021-25422—Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151 allows attacker with log permissions to leak WEPSS 0.2%CVE-2021-25336LOWImproper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applicationEPSS 0.2%CVE-2021-25420—Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak WEPSS 0.2%CVE-2024-34623HIGHOut-of-bounds write in applying connected information in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execEPSS 0.2%CVE-2023-30736MEDIUMImproper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows attacker to execute javascript interface. ToEPSS 0.2%CVE-2022-28778MEDIUMImproper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0 allows attacker to set the arbitrary folder asEPSS 0.2%CVE-2024-20894MEDIUMImproper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authenticatEPSS 0.2%CVE-2025-21074MEDIUMOut-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.EPSS 0.2%CVE-2022-30712HIGHImproper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.EPSS 0.2%CVE-2021-25350LOWInformation Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user informaEPSS 0.2%CVE-2022-28777MEDIUMImproper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CEPSS 0.2%