374 matches found
CVE-2025-21010
Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.
CVE-2023-21471
Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows attackers to read arbitrary files with system permission.
CVE-2025-21041
Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local attackers to access sensitive information.
CVE-2025-21042
Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.
CVE-2023-21466
PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023 Release 1 allows local attackers to access contentProvider without proper permission.
CVE-2023-21468
Improper access control vulnerability in Telephony prior to SMR Apr-2023 Release 1 allows attackers to access files with escalated permission.
CVE-2023-21469
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.GEOFENCE action.
CVE-2023-21470
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local attackers to get device location information using com.samsung.android.wifi.NETWORK_LOCATION action.
CVE-2023-21475
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.
CVE-2023-21476
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code.
CVE-2023-21478
Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.
CVE-2023-21480
Improper input validation vulnerability in CertByte prior to SMR Apr-2023 Release 1 allows local attackers to launch privileged activities.
CVE-2025-21025
Improper access control in MARsExemptionManager prior to SMR Sep-2025 Release 1 allows local attackers to be excluded from background execution management.
CVE-2025-21027
Improper verification of intent by broadcast receiver in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to temporarily disable the SIM.
CVE-2025-21029
Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display.
CVE-2025-21032
Improper access control in One UI Home prior to SMR Sep-2025 Release 1 allows physical attackers to bypass Kiosk mode under limited conditions.
CVE-2025-21034
Out-of-bounds write in libsavsvc.so prior to SMR Sep-2025 Release 1 allows local attackers to potentially execute arbitrary code.
CVE-2023-21472
Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.
CVE-2023-21473
Improper input validation with Exynos Fastboot USB Interface prior to SMR Apr-2023 Release 1 allows a physical attacker to execute arbitrary code in bootloader.
CVE-2023-21474
Intent redirection vulnerability in SecSettings prior to SMR Apr-2022 Release 1 allows attackers to access arbitrary file with system privilege.
CVE-2025-21026
Improper handling of insufficient permission in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to interrupt the call.
CVE-2025-21028
Improper privilege management in ThemeManager prior to SMR Sep-2025 Release 1 allows local privileged attackers to reuse trial items.
CVE-2025-21033
Improper access control in ContactProvider prior to SMR Sep-2025 Release 1 allows local attackers to access sensitive information.
CVE-2025-21031
Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to use the privileged APIs.