Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-26 | CVE-2021-25370 | Use After Free vulnerability in Samsung Android An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. | 4.4 |
| 2021-03-26 | CVE-2021-25369 | Unspecified vulnerability in Samsung Android An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace. | 5.5 |
| 2021-03-25 | CVE-2021-25367 | Path Traversal vulnerability in Samsung Notes 2.0.02.31 Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission. | 5.4 |
| 2021-03-25 | CVE-2021-25354 | Unspecified vulnerability in Samsung Internet Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink. | 5.3 |
| 2020-04-07 | CVE-2016-11050 | Unspecified vulnerability in Samsung products An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. low complexity samsung | 4.3 |
| 2020-02-12 | CVE-2015-7890 | Classic Buffer Overflow vulnerability in Samsung Galaxy S6 Edge Firmware Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter. | 5.5 |
| 2020-02-10 | CVE-2019-6744 | Improper Authentication vulnerability in Samsung Knox 1.2.02.39 This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. | 4.3 |
| 2020-01-22 | CVE-2018-16271 | Improper Privilege Management vulnerability in Samsung products The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. | 6.5 |
| 2019-12-27 | CVE-2013-4764 | Incorrect Default Permissions vulnerability in Samsung Galaxy S3 Firmware and Galaxy S4 Firmware Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission. | 4.3 |
| 2019-12-27 | CVE-2013-4763 | Incorrect Default Permissions vulnerability in Samsung Galaxy S3 Firmware and Galaxy S4 Firmware Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages without requesting permission. | 4.6 |