Skip to main content

Samsung

980 CVEs vendor

Monthly

CVE-2020-26146 MEDIUM CISA This Month

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Samsung Information Disclosure
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
1.5%
CVE-2020-26145 MEDIUM PATCH This Month

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Samsung Code Injection Galaxy I9305 Firmware 6Gk5763 1Al00 7Da0 Firmware 6Gk5766 1Ge00 7Da0 Firmware +10
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
4.3%
CVE-2020-26144 MEDIUM CISA This Month

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Code Injection Galaxy I9305 Firmware C 250 Firmware C 260 Firmware +15
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2021-25381 HIGH This Week

Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Samsung Authentication Bypass Account
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-25377 HIGH This Week

Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Samsung Authentication Bypass Experience Service
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-25376 MEDIUM This Month

An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Email
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-25375 MEDIUM This Month

Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Email
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-25374 HIGH This Week

An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Samsung Authentication Bypass Members
NVD
CVSS 3.1
7.5
EPSS
3.1%
CVE-2021-25368 HIGH This Week

Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Cloud
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-25367 MEDIUM This Month

Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Samsung Path Traversal Notes
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-25366 LOW Monitor

Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication. Rated low severity (CVSS 2.9), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Internet
NVD
CVSS 3.1
2.9
EPSS
0.3%
CVE-2021-25355 HIGH This Week

Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Notes
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-25354 MEDIUM This Month

Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Internet
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2021-25351 LOW Monitor

Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Account
NVD
CVSS 3.1
2.4
EPSS
0.3%
CVE-2021-25350 LOW Monitor

Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Account
NVD
CVSS 3.1
3.9
EPSS
0.2%
CVE-2021-25348 LOW Monitor

Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Internet
NVD
CVSS 3.1
2.4
EPSS
0.3%
CVE-2021-25347 MEDIUM This Month

Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2021-25343 LOW Monitor

Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Samsung Denial Of Service Authentication Bypass Members
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2021-25340 LOW Monitor

Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
2.4
EPSS
0.1%
CVE-2021-25339 MEDIUM This Month

Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
5.2
EPSS
0.1%
CVE-2021-25338 MEDIUM This Month

Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
5.2
EPSS
0.1%
CVE-2021-25337 HIGH POC KEV THREAT This Week

Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Privilege Escalation Android
NVD
CVSS 3.1
7.1
EPSS
2.8%
CVE-2021-25336 LOW Monitor

Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2021-25335 LOW Monitor

Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the. Rated low severity (CVSS 2.5). No vendor patch available.

Samsung Information Disclosure One Ui Android
NVD
CVSS 3.1
2.5
EPSS
0.1%
CVE-2021-25334 MEDIUM This Month

Improper input check in wallpaper service in Samsung mobile devices prior to SMR Feb-2021 Release 1 allows untrusted application to cause permanent denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-25333 LOW Monitor

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Authentication Bypass Pay Mini
NVD
CVSS 3.1
2.4
EPSS
0.3%
CVE-2021-25332 LOW Monitor

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Authentication Bypass Pay Mini
NVD
CVSS 3.1
2.4
EPSS
0.3%
CVE-2021-25331 LOW Monitor

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen in specific condition. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Authentication Bypass Pay Mini
NVD
CVSS 3.1
2.4
EPSS
0.3%
CVE-2021-22495 MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption Android
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-22494 MEDIUM This Month

An issue was discovered in the fingerprint scanner on Samsung Note20 mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-22492 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Broadcom Bluetooth chipsets) software. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Broadcom Android
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-35693 HIGH POC This Week

On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Samsung Information Disclosure Android
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2020-35553 HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Qualcomm SM8250 chipsets) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Qualcomm Denial Of Service Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-35552 MEDIUM This Month

An issue was discovered in the GPS daemon on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (non-Qualcomm chipsets) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Qualcomm Information Disclosure Android
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2020-35551 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2020-35550 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2020-35549 MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-35548 MEDIUM This Month

An issue was discovered in Finder on Samsung mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-28343 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-28342 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (China / India) software. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-28341 HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-28340 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2020-7811 HIGH This Week

Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows privilege escalation as commands crafted by attacker are executed while the engine deserializes the data received during. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Samsung Privilege Escalation Deserialization Update
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-26607 CRITICAL Act Now

An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2020-26606 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-26605 HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-26604 HIGH This Week

An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-26603 MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Path Traversal Android
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2020-26602 HIGH This Week

An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1), P(9.0), Q(10.0), and R(11.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-26601 HIGH This Week

An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-26600 HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-26599 MEDIUM This Month

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2020-25280 MEDIUM This Month

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos and MediaTek chipsets) software. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Mediatek Information Disclosure Android
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2020-25279 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE Android
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2020-25278 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption RCE Android
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2020-25056 HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy S20) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-25055 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2020-25054 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Information Disclosure Exynos
NVD
CVSS 3.1
9.1
EPSS
1.2%
CVE-2020-25053 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung RCE Android
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2020-25052 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Memory Corruption Samsung RCE +1
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2020-25051 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-25050 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-25049 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2020-25048 MEDIUM This Month

An issue was discovered on Samsung mobile devices with Q(10.0) (with ONEUI 2.1) software. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-25047 MEDIUM This Month

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (released in China and India) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-25046 MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-15584 MEDIUM This Month

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Android
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-15583 MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Path Traversal Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-15582 MEDIUM This Month

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 7885 chipsets) software. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Android
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-15581 MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2020-15580 MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-15579 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-15578 MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Privilege Escalation Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-15577 MEDIUM This Month

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-13838 LOW Monitor

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
3.5
EPSS
0.1%
CVE-2020-13837 LOW Monitor

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
3.5
EPSS
0.1%
CVE-2020-13836 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Samsung Path Traversal Android
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2020-13835 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2020-13834 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (with TEEGRIS) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Samsung Authentication Bypass Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2020-13833 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
9.1
EPSS
0.5%
CVE-2020-13832 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with Q(10.0) (with TEEGRIS on Exynos chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung RCE Android
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2020-13831 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos 7570 chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2020-13830 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-13829 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2020-12752 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2020-12751 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-12750 HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-12749 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-12748 MEDIUM This Month

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2020-12747 CRITICAL Act Now

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos980 9630 and Exynos990 9830 chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
EPSS 2% CVSS 5.3
MEDIUM This Month

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Samsung Information Disclosure
NVD GitHub VulDB
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Samsung Code Injection Galaxy I9305 Firmware +12
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Code Injection Galaxy I9305 Firmware +17
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Samsung Authentication Bypass +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Samsung Authentication Bypass +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Email
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Email
NVD
EPSS 3% CVSS 7.5
HIGH This Week

An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Samsung Authentication Bypass +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Cloud
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Samsung Path Traversal Notes
NVD
EPSS 0% CVSS 2.9
LOW Monitor

Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication. Rated low severity (CVSS 2.9), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Internet
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Notes
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Internet
NVD
EPSS 0% CVSS 2.4
LOW Monitor

Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Account
NVD
EPSS 0% CVSS 3.9
LOW Monitor

Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Account
NVD
EPSS 0% CVSS 2.4
LOW Monitor

Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Internet
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Samsung Denial Of Service +2
NVD
EPSS 0% CVSS 2.4
LOW Monitor

Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 3% CVSS 7.1
HIGH POC KEV THREAT This Week

Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Privilege Escalation Android
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Privilege Escalation Android
NVD
EPSS 0% CVSS 2.5
LOW Monitor

Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the. Rated low severity (CVSS 2.5). No vendor patch available.

Samsung Information Disclosure One Ui +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper input check in wallpaper service in Samsung mobile devices prior to SMR Feb-2021 Release 1 allows untrusted application to cause permanent denial of service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Denial Of Service Android
NVD
EPSS 0% CVSS 2.4
LOW Monitor

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen via scanning specific QR code. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Authentication Bypass +1
NVD
EPSS 0% CVSS 2.4
LOW Monitor

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscreen in specific condition. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Authentication Bypass +1
NVD
EPSS 0% CVSS 2.4
LOW Monitor

Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreen in specific condition. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Authentication Bypass +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered in the fingerprint scanner on Samsung Note20 mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Broadcom Bluetooth chipsets) software. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Broadcom +1
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Samsung Information Disclosure +1
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Qualcomm SM8250 chipsets) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Qualcomm Denial Of Service +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An issue was discovered in the GPS daemon on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (non-Qualcomm chipsets) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Qualcomm Information Disclosure +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered in Finder on Samsung mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Denial Of Service Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (China / India) software. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows privilege escalation as commands crafted by attacker are executed while the engine deserializes the data received during. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Samsung Privilege Escalation Deserialization +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Path Traversal Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1), P(9.0), Q(10.0), and R(11.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos and MediaTek chipsets) software. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Mediatek Information Disclosure +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung RCE +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy S20) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Information Disclosure +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung RCE Android
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Memory Corruption +3
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

An issue was discovered on Samsung mobile devices with Q(10.0) (with ONEUI 2.1) software. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (released in China and India) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Path Traversal Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 7885 chipsets) software. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Android
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Privilege Escalation Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 3.5
LOW Monitor

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 3.5
LOW Monitor

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Samsung Path Traversal +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (with TEEGRIS) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Samsung Authentication Bypass +1
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with Q(10.0) (with TEEGRIS on Exynos chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung RCE Android
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos 7570 chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Android
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos980 9630 and Exynos990 9830 chipsets) software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption +1
NVD
Prev Page 8 of 11 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy