Vulnerabilities > Samsung
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-09 | CVE-2021-25375 | Use of Insufficiently Random Values vulnerability in Samsung Email Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment. | 6.5 |
2021-04-09 | CVE-2021-25374 | Unspecified vulnerability in Samsung Members 2.4.81.13/3.9.10.11/4.2.005 An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. | 7.5 |
2021-04-09 | CVE-2021-25373 | Unspecified vulnerability in Samsung Customization Service Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | 7.8 |
2021-03-25 | CVE-2021-25368 | Improper Authentication vulnerability in Samsung Cloud Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed. | 7.5 |
2021-03-25 | CVE-2021-25367 | Path Traversal vulnerability in Samsung Notes 2.0.02.31 Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. | 5.4 |
2021-03-25 | CVE-2021-25366 | Unspecified vulnerability in Samsung Internet 13.2.1.46 Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication. low complexity samsung | 2.9 |
2021-03-25 | CVE-2021-25355 | Incorrect Default Permissions vulnerability in Samsung Notes 2.0.02.31 Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | 7.8 |
2021-03-25 | CVE-2021-25354 | Unspecified vulnerability in Samsung Internet Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink. | 5.3 |
2021-03-25 | CVE-2021-25353 | Unspecified vulnerability in Samsung Galaxy Themes Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent. | 7.1 |
2021-03-25 | CVE-2021-25352 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Bixby Voice Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent. | 7.8 |