Vulnerabilities > Samsung > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2021-06-11 | CVE-2021-25401 | Unspecified vulnerability in Samsung Health | Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action. | local | low | samsung | | 7.8 |
| 2021-06-11 | CVE-2021-25418 | Incorrect Authorization vulnerability in Samsung Internet 13.2.1.46/13.2.1.70/14.0.1.20 | Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition. | local | low | samsung | CWE-863 | 7.8 |
| 2021-06-11 | CVE-2021-25424 | Improper Authentication vulnerability in Samsung products | Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness. | | low | samsung | CWE-287 | 8.8 |
| 2021-05-20 | CVE-2021-3438 | Classic Buffer Overflow vulnerability in multiple products | A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege. | local | low | hp, samsung | CWE-120 | 7.8 |
| 2021-04-09 | CVE-2021-25381 | Incorrect Default Permissions vulnerability in Samsung Account 10.8.0.4/12.1.1.3 | Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | local | low | samsung | CWE-276 | 7.8 |
| 2021-04-09 | CVE-2021-25380 | Improper Handling of Exceptional Conditions vulnerability in Samsung Bixby | Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user. | network | low | samsung | CWE-755 | 7.3 |
| 2021-04-09 | CVE-2021-25377 | Improper Privilege Management vulnerability in Samsung Experience Service | Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action. | local | low | samsung | CWE-269 | 7.8 |
| 2021-04-09 | CVE-2021-25374 | Unspecified vulnerability in Samsung Members 2.4.81.13/3.9.10.11/4.2.005 | An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. | network | low | samsung | | 7.5 |
| 2021-04-09 | CVE-2021-25373 | Unspecified vulnerability in Samsung Customization Service | Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | local | low | samsung | | 7.8 |
| 2021-03-25 | CVE-2021-25368 | Improper Authentication vulnerability in Samsung Cloud | Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed. | network | low | samsung | CWE-287 | 7.5 |