Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2021-25520 | Cross-site Scripting vulnerability in Samsung Internet Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet. | 6.1 |
| 2021-12-08 | CVE-2021-25521 | Files or Directories Accessible to External Parties vulnerability in Samsung Internet Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet. | 3.3 |
| 2021-12-08 | CVE-2021-25522 | Insecure Storage of Sensitive Information vulnerability in Samsung Smart Capture Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission. | 3.3 |
| 2021-12-08 | CVE-2021-25523 | Insecure Storage of Sensitive Information vulnerability in Samsung Dialer Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows attacker to get Samsung Account ID. | 3.3 |
| 2021-12-08 | CVE-2021-25524 | Insecure Storage of Sensitive Information vulnerability in Samsung Contacts Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to get Samsung Account ID. | 3.3 |
| 2021-12-08 | CVE-2021-25525 | Improper Check for Unusual or Exceptional Conditions vulnerability in Samsung PAY Improper check or handling of exception conditions vulnerability in Samsung Pay (US only) prior to version 4.0.65 allows attacker to use NFC without user recognition. | 6.5 |
| 2021-12-08 | CVE-2021-25526 | Unspecified vulnerability in Samsung Blockchain Wallet Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows attacker to execute privileged action. | 5.5 |
| 2021-12-08 | CVE-2021-25527 | Unspecified vulnerability in Samsung PAY Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication. | 3.3 |
| 2021-11-16 | CVE-2021-42114 | Modern DRAM devices (PC-DDR4, LPDDR4X) are affected by a vulnerability in their internal Target Row Refresh (TRR) mitigation against Rowhammer attacks. | 8.3 |
| 2021-11-05 | CVE-2021-25504 | Unspecified vulnerability in Samsung Group Sharing Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information. | 4.0 |