Vulnerabilities > Samsung > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-25 | CVE-2021-25355 | Incorrect Default Permissions vulnerability in Samsung Notes 2.0.02.31 Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | 7.8 |
| 2021-03-25 | CVE-2021-25353 | Unspecified vulnerability in Samsung Galaxy Themes Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of Galaxy Themes application without permission via hijacking the PendingIntent. | 7.1 |
| 2021-03-25 | CVE-2021-25352 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Bixby Voice Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows attackers to execute privileged action by hijacking and modifying the intent. | 7.8 |
| 2021-03-25 | CVE-2021-25349 | Unspecified vulnerability in Samsung Slow Motion Editor Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | 7.8 |
| 2020-10-12 | CVE-2020-7811 | Deserialization of Untrusted Data vulnerability in Samsung Update Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows privilege escalation as commands crafted by attacker are executed while the engine deserializes the data received during inter-process communication | 7.8 |
| 2020-03-24 | CVE-2019-20564 | Unspecified vulnerability in Samsung Note9 and S9 An issue was discovered on Samsung mobile devices with any (before October 2019 for S9 or Note9) software. | 7.5 |
| 2020-02-04 | CVE-2019-19273 | Out-of-bounds Write vulnerability in multiple products On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. | 7.8 |
| 2020-01-22 | CVE-2018-16270 | Improper Privilege Management vulnerability in Samsung products Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. | 7.5 |
| 2020-01-22 | CVE-2018-16269 | Information Exposure vulnerability in Samsung products The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. | 7.5 |
| 2020-01-09 | CVE-2012-3810 | Unspecified vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313 Samsung Kies before 2.5.0.12094_27_11 has registry modification. | 7.5 |