77 matches found
CVE-2025-20996
Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability...
CVE-2025-20984
Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch...
CVE-2025-20984
Samsung Cloud for Galaxy Watch (prior to SMR Jun-2025 Release 1) is affected by an incorrect default permission setting that could allow local attackers to access data stored in Samsung Cloud for Galaxy Watch. The issue is tied to Samsung’s Galaxy Watch cloud data permissions and is mitigated by ...
CVE-2024-3479
An improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider com.motorola.server.enterprise.MotoDpmsProvider that could allow a local attacker to read local data...
CVE-2023-30726
PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data...
CVE-2023-21446
Improper input validation in MyFiles prior to version 12.2.09 in Android R11, 13.1.03.501 in Android S 12 and 14.1.00.422 in Android T13 allows local attacker to access data of MyFiles...
CVE-2010-1967
Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data via unknown vectors...
SAMSUNG Flow 安全漏洞
SAMSUNG Flow is a software product from the South Korean company Samsung SAMSUNG. It is used to enable a seamless, secure, and connected experience on devices. A security vulnerability exists in SAMSUNG Flow versions prior to 4.9.17.6, which stems from improper input validation and could allow a...
PT-2025-20056 · Samsung · Samsung Flow
Name of the Vulnerable Software and Affected Versions: Samsung Flow versions prior to 4.9.17.6 Description: The issue is related to improper input validation, allowing local attackers to access data within Samsung Flow. Recommendations: For versions prior to 4.9.17.6, update to version 4.9.17.6 o...
CVE-2025-20938
Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts...
CVE-2025-20910
Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery...
CVE-2025-20910
CVE-2025-20910 affects Galaxy Watch Gallery versions prior to SMR Mar-2025 Release 1, where an incorrect default permission allows local attackers to access data in Galaxy Watch Gallery. The CVSS v3.1 vector (Local, Low attack complexity, No privileges, No user interaction) yields a base score of...
PT-2025-4179 · Samsung +1 · Secure Folder +3
Name of the Vulnerable Software and Affected Versions: Secure Folder versions prior to 1.9.20.50 in Android 14 Secure Folder versions prior to 1.8.11.0 in Android 13 Secure Folder versions prior to 1.7.04.0 in Android 12 Description: The issue is related to improper access control in Secure Folde...
CVE-2024-49416
Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information...
CVE-2024-34643
Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability...
PT-2024-18712 · Samsung · Samsung Mobile Devices
Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices versions prior to SMR Jan-2024 Release 1 Description: The issue is related to improper access control in the Notification service, allowing a local attacker to access notification data. Recommendations: For versions pri...
PT-2023-26248 · Fortanix +1 · Fortanix Enclaveos Confidential Computing Manager (Ccm) Platform +1
Name of the Vulnerable Software and Affected Versions: Fortanix EnclaveOS Confidential Computing Manager CCM Platform versions prior to 3.32 for Intel SGX Description: An issue was discovered in the Fortanix EnclaveOS Confidential Computing Manager CCM Platform, which relates to a lack of...
CVE-2023-42573
PendingIntent hijacking vulnerability in Search Widget prior to version 3.4 in China models allows local attackers to access data...
CVE-2023-42539
PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to version 6.25 allows local attackers to access data...
PT-2023-28405 · Samsung · Samsung Health
Name of the Vulnerable Software and Affected Versions: Samsung Health versions prior to 6.25 Description: The issue allows local attackers to access data through PendingIntent hijacking in the ChallengeNotificationManager. Recommendations: For versions prior to 6.25, update to version 6.25 or lat...