PT-2025-43457

In multiple functions of NotificationStation.java, there is a possible cross-profile information disclosure due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-21050

CVE-2025-21050 affects Samsung Mobile devices in the Contacts component prior to SMR Oct-2025 Release 1. The root cause is improper input validation, enabling a local attacker to access data across multiple user profiles. Impact is confidentiality-focused (high), with local, low-complexity access...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Oct-2025 Release 1, which stems from improper input validation and cou...

CVE-2025-21035

Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles...

CVE-2025-21035

CVE-2025-21035 describes an improper access control in Samsung Calendar. The vulnerability affects Samsung Calendar versions prior to 12.5.06.5 on Android 14 and prior to 12.6.01.12 on Android 15, potentially allowing a physical attacker to access data across multiple user profiles. Root cause is...

CVE-2025-21035

Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles...

PT-2025-35691

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.30.63 Description: Improper access control in Samsung Notes allows physical attackers to access data across multiple user profiles. User interaction is required to trigger this issue. Recommendations: Updat...

Samsung Notes 安全漏洞

Samsung Notes is an application from the South Korean company Samsung SAMSUNG. An access control error vulnerability exists in Samsung Notes that stems from improper access control and can be exploited by an attacker to access data in multiple user profiles...

CVE-2025-20898

Improper input validation in Samsung Members prior to version 5.2.00.12 allows physical attackers to access data across multiple user profiles...

CVE-2025-20883

Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles...

PT-2025-4165 · Unknown · Soundpicker

Name of the Vulnerable Software and Affected Versions: SoundPicker versions prior to SMR Jan-2025 Release 1 Description: The issue is related to improper access control, allowing physical attackers to access data across multiple user profiles. This could potentially lead to unauthorized data...

CVE-2024-49407

Improper access control in Samsung Flow prior to version 4.9.15.7 allows physical attackers to access data across multiple user profiles...

CVE-2020-0419

In generateInfo of PackageInstallerSession.java, there is a possible leak of cross-profile URI data during app installation due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...