Samsung Security Vulnerabilities
Arbitrary directory creation in Samsung Live Wallpaper PC prior to version 3.3.8.0 allows attacker to create arbitrary...
6.2CVSS
7.2AI Score
0.0004EPSS
Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data...
4.6CVSS
6.8AI Score
0.0004EPSS
Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to make a call without proper...
5.1CVSS
6.8AI Score
0.0004EPSS
Incorrect use of privileged API vulnerability in registerBatteryStatsCallback in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged...
6.2CVSS
6.8AI Score
0.0004EPSS
Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged...
6.2CVSS
6.8AI Score
0.0004EPSS
Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds...
4CVSS
6.9AI Score
0.0004EPSS
Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite...
6.4CVSS
7.3AI Score
0.0004EPSS
Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code...
6.4CVSS
7.5AI Score
0.0004EPSS
Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary...
4CVSS
7AI Score
0.0004EPSS
Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory...
6.1CVSS
6.8AI Score
0.0004EPSS
Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary...
7.3CVSS
7.6AI Score
0.0004EPSS
Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so prior to SMR June-2024 Release 1 allows local attackers to execute arbitrary...
7.3CVSS
7.6AI Score
0.0004EPSS
Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds...
4.2CVSS
6.8AI Score
0.0004EPSS
Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged...
7.9CVSS
6.8AI Score
0.0004EPSS
Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain...
4.4CVSS
6.6AI Score
0.0004EPSS
Improper authorization vulnerability in Samsung Keyboard prior to version One UI 5.1.1 allows physical attackers to partially bypass the factory reset...
4.9CVSS
6.5AI Score
0.0004EPSS
Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for...
5.5CVSS
6.7AI Score
0.0004EPSS
Improper privilege management vulnerability in Samsung Email prior to version 6.1.91.14 allows local attackers to access sensitive...
5.5CVSS
6.5AI Score
0.0004EPSS
Improper access control vulnerability in DarManagerService prior to SMR May-2024 Release 1 allows local attackers to monitor system...
5.5CVSS
6.5AI Score
0.0004EPSS
Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical attackers to flash arbitrary...
6.6CVSS
6.7AI Score
0.0004EPSS
Out of bounds write vulnerability in SNAP in HAL prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary...
6.7CVSS
7.3AI Score
0.0004EPSS
Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary...
6CVSS
7.2AI Score
0.0004EPSS
Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation...
5.7CVSS
6.5AI Score
0.0004EPSS
Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without...
5.5CVSS
6.5AI Score
0.0004EPSS
Improper export of android application components vulnerability in TelephonyUI prior to SMR May-2024 Release 1 allows local attackers to reboot the device without proper...
4CVSS
6.5AI Score
0.0004EPSS
Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows physical attackers to access Secure Folder without proper authentication in a specific...
4.3CVSS
6.6AI Score
0.0004EPSS
Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current...
4CVSS
6.2AI Score
0.0004EPSS
Use after free vulnerability in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to cause memory...
6CVSS
6.8AI Score
0.0004EPSS
Improper access control vulnerability in startListening of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current...
4CVSS
6.2AI Score
0.0004EPSS
A vulnerability possible to reconfigure OTP allows local attackers to transit RMA(Return Merchandise Authorization) mode, which disables security features. This attack needs additional privilege to control...
4.4CVSS
6.7AI Score
0.0004EPSS
Improper access control vulnerability in multitasking framework prior to SMR May-2024 Release 1 allows physical attackers to access unlocked screen for a...
2.4CVSS
6.4AI Score
0.0004EPSS
Use of Implicit Intent for Sensitive Communication in Samsung Pay prior to version 5.4.99 allows local attackers to access information of Samsung...
6.2CVSS
6.4AI Score
0.0004EPSS
Improper handling of insufficient privileges vulnerability in Samsung Camera prior to versions 12.1.0.31 in Android 12, 13.1.02.07 in Android 13, and 14.0.01.06 in Android 14 allows local attackers to access image...
5.9CVSS
6.5AI Score
0.0004EPSS
Improper access control vulnerability in Samsung Data Store prior to version 5.3.00.4 allows local attackers to launch arbitrary activity with Samsung Data Store...
4.4CVSS
6.7AI Score
0.0004EPSS
Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary...
5.9CVSS
7.3AI Score
0.0004EPSS
Improper Access Control vulnerability in StorageManagerService prior to SMR Apr-2024 Release 1 allows local attackers to read sdcard...
4CVSS
6.4AI Score
0.0004EPSS
Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary...
7.3CVSS
7.3AI Score
0.0004EPSS
Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds...
4CVSS
6.5AI Score
0.0004EPSS
Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary...
5.6CVSS
7.4AI Score
0.0004EPSS
Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary...
8.4CVSS
7.2AI Score
0.0004EPSS
Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary...
8.4CVSS
7.2AI Score
0.0004EPSS
Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024 Release 1 allows local privileged attackers to write out-of-bounds...
4.2CVSS
6.5AI Score
0.0004EPSS
Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory...
4.1CVSS
4.7AI Score
0.0004EPSS
Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers using hardware keyboard to use VoiceRecorder on the lock...
5.7CVSS
5.3AI Score
0.0004EPSS
Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers to access recording files on the lock...
4.6CVSS
4.5AI Score
0.0004EPSS
Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user...
5.3CVSS
5.2AI Score
0.0004EPSS
Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitrary...
6.8CVSS
6.8AI Score
0.0004EPSS
Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged...
4CVSS
4.5AI Score
0.0004EPSS
Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds...
3.3CVSS
3.9AI Score
0.0004EPSS
The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper...
3.3CVSS
3.7AI Score
0.0004EPSS