Vulnerabilities > Samsung > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-06 CVE-2021-25497 Classic Buffer Overflow vulnerability in Samsung Notes 2.0.02.31/4.2.00.22/4.2.04.27
A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
local
low complexity
samsung CWE-120
7.8
2021-10-06 CVE-2021-25498 Classic Buffer Overflow vulnerability in Samsung Notes 2.0.02.31/4.2.00.22/4.2.04.27
A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
local
low complexity
samsung CWE-120
7.8
2021-09-09 CVE-2021-25465 Improper Input Validation vulnerability in Samsung Themes
An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack.
local
high complexity
samsung CWE-20
7.0
2021-09-01 CVE-2021-39373 Insufficiently Protected Credentials vulnerability in Samsung Drive Manager 2.0.104
Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management.
local
low complexity
samsung CWE-522
7.8
2021-08-31 CVE-2021-22684 Unspecified vulnerability in Samsung Tizenrt
Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc.
network
low complexity
samsung
7.5
2021-07-08 CVE-2021-25438 Unspecified vulnerability in Samsung Members 2.4.81.13/3.9.10.11
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.
local
low complexity
samsung
7.8
2021-07-08 CVE-2021-25440 Unspecified vulnerability in Samsung Factorycamerafb
Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege.
local
low complexity
samsung
7.8
2021-07-08 CVE-2021-25441 Improper Input Validation vulnerability in Samsung AR Emoji Editor 4.4.03.5
Improper input validation vulnerability in AR Emoji Editor prior to version 4.4.03.5 in Android Q(10.0) and above allows untrusted applications to access arbitrary files with an escalated privilege.
local
low complexity
samsung CWE-20
7.8
2021-07-08 CVE-2021-25442 Improper Authentication vulnerability in Samsung Knox Cloud Services
Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication.
network
low complexity
samsung CWE-287
7.5
2021-06-11 CVE-2021-25399 Unspecified vulnerability in Samsung Smart Manager
Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege.
local
low complexity
samsung
7.1