Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-09 | CVE-2021-25374 | Unspecified vulnerability in Samsung Members 2.4.81.13/3.9.10.11/4.2.005 An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. | 7.5 |
| 2021-04-09 | CVE-2021-25373 | Unspecified vulnerability in Samsung Customization Service Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | 7.8 |
| 2021-03-26 | CVE-2021-25372 | Out-of-bounds Write vulnerability in Samsung Android 10.0/11.0 An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | 6.7 |
| 2021-03-26 | CVE-2021-25371 | Unspecified vulnerability in Samsung Android 10.0/11.0 A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. | 6.7 |
| 2021-03-26 | CVE-2021-25370 | Use After Free vulnerability in Samsung Android An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. | 4.4 |
| 2021-03-26 | CVE-2021-25369 | Unspecified vulnerability in Samsung Android An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace. | 5.5 |
| 2021-03-25 | CVE-2021-25368 | Improper Authentication vulnerability in Samsung Cloud Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed. | 7.5 |
| 2021-03-25 | CVE-2021-25367 | Path Traversal vulnerability in Samsung Notes 2.0.02.31 Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. | 5.4 |
| 2021-03-25 | CVE-2021-25366 | Unspecified vulnerability in Samsung Internet 13.2.1.46 Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication. low complexity samsung | 2.9 |
| 2021-03-25 | CVE-2021-25355 | Incorrect Default Permissions vulnerability in Samsung Notes 2.0.02.31 Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | 7.8 |