Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-11 | CVE-2020-26146 | Improper Input Validation vulnerability in multiple products An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. | 5.3 |
| 2021-04-09 | CVE-2021-25381 | Incorrect Default Permissions vulnerability in Samsung Account 10.8.0.4/12.1.1.3 Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | 7.8 |
| 2021-04-09 | CVE-2021-25380 | Improper Handling of Exceptional Conditions vulnerability in Samsung Bixby Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user. | 7.3 |
| 2021-04-09 | CVE-2021-25379 | Unspecified vulnerability in Samsung Gallery Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action. | 3.3 |
| 2021-04-09 | CVE-2021-25378 | Unspecified vulnerability in Samsung Smartthings Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service. | 5.3 |
| 2021-04-09 | CVE-2021-25377 | Improper Privilege Management vulnerability in Samsung Experience Service Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action. | 7.8 |
| 2021-04-09 | CVE-2021-25376 | Improper Synchronization vulnerability in Samsung Email An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed. | 5.3 |
| 2021-04-09 | CVE-2021-25375 | Use of Insufficiently Random Values vulnerability in Samsung Email Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment. | 6.5 |
| 2021-04-09 | CVE-2021-25374 | Unspecified vulnerability in Samsung Members 2.4.81.13/3.9.10.11/4.2.005 An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. | 7.5 |
| 2021-04-09 | CVE-2021-25373 | Unspecified vulnerability in Samsung Customization Service Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | 7.8 |