CVE-2025-21050

Improper input validiation in Contacts prior to SMR Oct-2025 Release 1 allows local attackers to access data across multiple user profiles...

CVE-2025-21050

Improper input validiation in Contacts prior to SMR Oct-2025 Release 1 allows local attackers to access data across multiple user profiles...

CVE-2025-21037

Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerability...

CVE-2025-48541

In onCreate of FaceSettings.java, there is a possible way to remove biometric unlock across user profiles due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48541

In onCreate of FaceSettings.java, there is a possible way to remove biometric unlock across user profiles due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-21037

Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerability...

CVE-2025-21037

Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerability...

CVE-2025-20894

Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles...

SAMSUNG Mobile devices 安全漏洞

Samsung Email is an email application developed by the Korean company Samsung SAMSUNG, designed to provide users with a convenient interface to manage and process email. Samsung Email suffers from an Access Control Error vulnerability that stems from an improper access control issue included in...

PT-2025-4166 · Samsung · Samsung Message

Name of the Vulnerable Software and Affected Versions: Samsung Message versions prior to SMR Jan-2025 Release 1 Description: The issue is related to improper access control in Samsung Message, allowing physical attackers to access data across multiple user profiles. This could potentially lead to...

CVE-2024-34674

Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles...

CVE-2021-0369

In CrossProfileAppsServiceImpl.java, there is the possibility of an application's INTERACTACROSSPROFILES grant state not displaying properly in the setting UI due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...

PT-2021-13048 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android version Android-11 Description: The issue is caused by a logic error in the code of CrossProfileAppsServiceImpl.java, which can lead to an application's INTERACT ACROSS PROFILES grant state not displaying properly in the setting UI...