Vulnerabilities in Samsung Mobile
1,316 resultsCVE-2022-33706—Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using SEPSS 0.2%CVE-2024-20871MEDIUMImproper authorization vulnerability in Samsung Keyboard prior to version One UI 5.1.1 allows physical attackers to partially bypass the facEPSS 0.2%CVE-2023-30641MEDIUMImproper access control vulnerability in Settings prior to SMR Jul-2023 Release 1 allows physical attacker to use restricted user profile toEPSS 0.2%CVE-2022-36877LOWExposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in ChinaEPSS 0.2%CVE-2023-21512LOWImproper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notiEPSS 0.2%CVE-2024-20882MEDIUMOut-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access.EPSS 0.2%CVE-2025-20946HIGHImproper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 ReEPSS 0.2%CVE-2021-25509MEDIUMA missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the WiEPSS 0.2%CVE-2021-25492HIGHLack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read.EPSS 0.2%CVE-2024-20845HIGHOut-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arEPSS 0.2%CVE-2024-49411MEDIUMPath Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenterEPSS 0.2%CVE-2021-25527LOWImproper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to accesEPSS 0.2%CVE-2021-25522MEDIUMInsecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captuEPSS 0.2%CVE-2023-42537HIGHAn improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read EPSS 0.2%CVE-2023-42536HIGHAn improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read andEPSS 0.2%CVE-2022-36878LOWExposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local attacker to access IMEI via log.EPSS 0.2%CVE-2021-25454LOWOOB read vulnerability in libsaacextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute remote DoS via forged aac EPSS 0.2%CVE-2022-30748MEDIUMUnprotected dynamic receiver in Samsung Members prior to version 4.2.005 allows attacker to launch arbitrary activity.EPSS 0.2%CVE-2022-36873MEDIUMImproper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC addressEPSS 0.2%CVE-2022-39846MEDIUMDLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code.EPSS 0.2%