63 matches found
CVE-2022-36831
CVE-2022-36831 affects Samsung Notes, specifically UriFileUtils in versions prior to 4.3.14.39. The root cause is a path traversal vulnerability that allows an attacker with Samsung Notes permissions to access some files on the device (local attack vector). Impact is exposure of confidential data...
CVE-2024-20868
Samsung Notes CVE-2024-20868 affects versions before 4.4.15. The root cause is improper input validation, enabling a local attacker to delete files with Samsung Notes privileges under certain conditions. Remediation: upgrade to Samsung Notes 4.4.15 or later. This information is supported by PT-20...
CVE-2025-20925
Samsung Notes suffers from an out-of-bounds read when applying binary data to text in versions prior to 4.4.26.71. Local attackers could potentially read memory. Affected product: Samsung Notes. Root cause: out-of-bounds read during binary-to-text data handling. Impact: local memory disclosure. K...
CVE-2025-20930
Samsung Notes contains an out-of-bounds read vulnerability in the JPEG image parsing path, affecting versions prior to 4.4.26.71. The root cause is improper validation when processing JPEG data, allowing a local attacker to read memory outside bounds. A patch is available: update to Samsung Note...
CVE-2025-20922
CVE-2025-20922 affects Samsung Notes. The vulnerability is an out-of-bounds read in the function that appends text paragraphs, allowing an attacker to read memory beyond bounds. Affected versions are prior to 4.4.26.71. The available remediation is to update to 4.4.26.71 or later. No exploitation...
CVE-2025-20928
Samsung Notes contains an out-of-bounds read in wbmp image parsing, affecting versions prior to 4.4.26.71. The issue is triggered during parsing of wbmp data and enables local attackers to access out-of-bounds memory. The published details indicate the root cause as improper validation during ima...
CVE-2021-25493
Samsung Notes libSPenBase buffer boundary checking defect (CVE-2021-25493) allows out-of-bounds read on vulnerable versions prior to 4.3.02.61. Affected component is the libSPenBase library within Samsung Notes. Root cause: insufficient boundary checks in a buffer, leading to potential data expos...
CVE-2025-20929
The vulnerability CVE-2025-20929 affects Samsung Notes prior to version 4.4.26.71. The issue is an out-of-bounds write when parsing JPEG images, which Samsung notes local attackers could trigger to execute arbitrary code. The affected product is Samsung Notes (mobile app), with the root cause in ...
CVE-2025-20932
CVE-2025-20932 affects Samsung Notes and is caused by an out-of-bounds read during BMP image RLE parsing in versions prior to 4.4.26.71. The vulnerability permits a local attacker to read out-of-bounds memory. The available connected documents specify the affected software and the root cause; exp...
CVE-2021-25355
CVE-2021-25355 affects Samsung Notes prior to version 4.2.00.22. The root cause is unsafe use of PendingIntent, enabling local attackers to perform unauthorized actions by hijacking the PendingIntent without permission. Impact is local, with potential for partial confidentiality/integrity/availab...
CVE-2021-25492
CVE-2021-25492 affects Samsung Notes: the libSPenBase library in Samsung Notes versions prior to 4.3.02.61 has a boundary/buffer-checking flaw that enables out-of-bounds reads. This vulnerability arises from lack of proper boundary checking in the affected libSPenBase component, allowing potentia...
CVE-2025-20914
CVE-2025-20914 describes an out-of-bounds read in Samsung Notes when applying binary hand-writing content, disclosed for Samsung Notes versions prior to 4.4.26.71. Affected component: Samsung Notes; Root cause: out-of-bounds memory access during binary handling. Impact stated in sources is read a...
CVE-2025-20924
CVE-2025-20924 affects Samsung Notes prior to version 4.4.26.71. The issue is an improper access control bug that allows a physical attacker to access data across multiple user profiles on affected devices. Root cause is access-control failure within Samsung Notes’ multi-profile handling, enablin...
CVE-2025-20976
CVE-2025-20976 concerns Samsung Notes. Multiple sources confirm an out-of-bounds read in the binary-integration step when applying binary of text content, affecting Samsung Notes prior to version 4.4.29.23. The issue allows reading beyond allocated memory, with impact on confidentiality. A fix is...
CVE-2021-25497
CVE-2021-25497 is a buffer overflow in Samsung Notes’ libSPenBase, specifically in the maetd_cpy_slice function. The issue affects Samsung Notes prior to version 4.3.02.61 and can lead to arbitrary code execution. The connected sources consistently describe a local vulnerability in the library, b...
CVE-2025-20916
CVE-2025-20916 describes an out-of-bounds read in Samsung Notes’ SPen string reading path. The vulnerability affects Samsung Notes versions prior to 4.4.26.71, enabling an attacker to read out-of-bounds memory. The issue is due to improper bounds checks when reading the SPen string, leading to po...
CVE-2025-20918
CVE-2025-20918 affects Samsung Notes. The vulnerability is an out-of-bounds read when applying extra data of the base content, allowing reading of memory prior to 4.4.26.71. Affected product: Samsung Notes (Android/iOS variants not explicitly stated in provided docs). Root cause: out-of-bounds re...
CVE-2025-20950
CVE-2025-20950 affects Samsung Notes prior to version 4.4.26.45. The root cause is the use of implicit intents for sensitive communications, enabling local attackers to access sensitive information. Documents specify affected software and a remediation path: upgrade to 4.4.26.45 or later. No expl...
CVE-2024-34657
Samsung Notes is affected by a stack-based out-of-bounds write vulnerability disclosed as CVE-2024-34657. The issue exists in Samsung Notes versions prior to 4.4.21.62 and can allow remote attackers to execute arbitrary code. The root cause is an out-of-bounds write in the app’s handling of input...
CVE-2025-20917
Samsung Notes contains an out-of-bounds read vulnerability (CVE-2025-20917) in the way it applies binary of PDF content. Affected versions are prior to 4.4.26.71. By exploiting this issue, an attacker could read out-of-bounds memory from the PDF processing path. The issue is confirmed by multiple...
CVE-2025-20921
CVE-2025-20921 affects Samsung Notes. Summary from connected docs: an out-of-bounds read occurs in the binary of text content when processing notes, enabling reading of out-of-bounds memory. Affected versions are prior to 4.4.26.71. The issue can be mitigated by upgrading Samsung Notes to version...
CVE-2025-20913
Samsung Notes vulnerable to an out-of-bounds read when applying binary drawing content prior to version 4.4.26.71. The issue affects the Notes binary’s drawing-content handling and can allow memory reads beyond bounds. PT-2025-9884 confirms affected versions up to 4.4.26.71; Samsung’s advisory in...
CVE-2025-20919
CVE-2025-20919 relates to Samsung Notes, affected versions prior to 4.4.26.71. The vulnerability is an out-of-bounds read when applying binary of video content, allowing reading of memory outside bounds. The issue is documented across multiple sources (e.g., Red Hat/RedHat-adapted CVE, PT-2025-98...
CVE-2025-20927
CVE-2025-20927 affects Samsung Notes. Description: an out-of-bounds read in parsing image data can allow a local attacker to access memory. Affected versions are Samsung Notes prior to 4.4.26.71. Remediation: update to 4.4.26.71 or later. This summary pulls from Samsung/Red Hat/NVD entries; explo...
CVE-2025-20933
Samsung Notes contains a BMP image parsing vulnerability (CVE-2025-20933): an out-of-bounds read is possible due to inadequate validation when parsing BMP data. Affected versions are prior to 4.4.26.71, with local attackers able to read memory outside bounds. The issue is detailed in multiple sou...
CVE-2024-34658
CVE-2024-34658 involves an out-of-bounds read in Samsung Notes that enables local attackers to bypass ASLR. Affected software: Samsung Notes (mobile devices). Root cause: out-of-bounds read vulnerability in the app. Impact: local escalation potential with high confidentiality/availability concern...
CVE-2025-20977
Samsung Notes is affected by CVE-2025-20977 due to use of implicit intent for sensitive translation communication. The vulnerability affects versions prior to 4.4.29.23, enabling local attackers to obtain sensitive information with user interaction required to trigger. The issue is tied to the tr...
CVE-2021-25494
A buffer overflow in Samsung Notes libSPenBase (prior to version 4.3.02.61) can lead to arbitrary code execution. Root cause per sources: lack of buffer bounds checking in libSPenBase. Exploitation details vary across sources; some describe remote/undefined vectors, while others cite local condit...
CVE-2024-34660
Samsung Notes contains a heap-based out-of-bounds write vulnerability in versions prior to 4.4.21.62, enabling a local attacker with low privileges to potentially execute arbitrary code on the affected device. The issue is confirmed across multiple sources; the impact is described as arbitrary co...
CVE-2025-20931
Samsung Notes contains an out-of-bounds write vulnerability in the parsing of BMP images that can allow a local attacker to execute arbitrary code. Affected software: Samsung Notes, prior to version 4.4.26.71 . Root cause: improper handling of BMP parsing leading to memory write outside expected ...
CVE-2021-25402
CVE-2021-25402 is an information-disclosure vulnerability affecting Samsung Notes before version 4.2.04.27, allowing an attacker to access s pen latency information. The connected documents consistently describe this as an information exposure issue in Samsung Notes; no explicit root cause, affec...
CVE-2024-34656
CVE-2024-34656 describes a path traversal vulnerability in Samsung Notes on affected Samsung devices, present in versions prior to 4.4.21.62 . The issue allows local arbitrary code execution by exploiting improper path handling in the application. Supported details indicate high impact with local...
CVE-2025-20920
CVE-2025-20920 concerns an out-of-bounds read in Samsung Notes’ action link data. Multiple sources confirm the vulnerability exists in Samsung Notes prior to version 4.4.26.71, which could allow an attacker to read out-of-bounds memory. The condition is tied to the handling of action link data wi...
CVE-2021-25496
CVE-2021-25496: A buffer overflow in maetd_dec_slice within libSPenBase used by Samsung Notes (pre-4.3.02.61) enables arbitrary code execution. Impact is local. Affected component is Samsung Notes’ libSPenBase; root cause is buffer overflow in maetd_dec_slice. Remediation: upgrade Samsung Notes t...
CVE-2021-25498
Samsung Notes contains a buffer overflow in the libSPenBase component maetd_eco_cb_mode that affects versions prior to 4.3.02.61. Successful exploitation could allow arbitrary code execution on the device with a local attack vector. The issue is caused in the affected library within Samsung Notes...
CVE-2024-34621
Samsung Notes contains an out-of-bounds read in the binary applying process for data prior to version 4.4.21.62, allowing a local attacker to potentially read memory. Affected component: Samsung Notes binary handling. Root cause: memory read beyond bounds when processing data during binary applic...
CVE-2025-20915
CVE-2025-20915 affects Samsung Notes. The vulnerability is an out-of-bounds read when applying or processing the binary of voice content, present in Samsung Notes versions prior to 4.4.26.71. The issue can allow reading out-of-bounds memory. The NVD entry lists a CVSS v3.1 base score of 7.5 (HIGH...
CVE-2024-34628
CVE-2024-34628 : Out-of-bounds read in Samsung Notes when applying binary with path, before version 4.4.21.62, allowing local attackers to potentially read memory. Affected product: Samsung Notes (Android/iOS variants referenced in sources). Root cause: improper bounds check during binary applica...
CVE-2021-25367
Samsung Notes contains a path traversal vulnerability in versions prior to 4.2.00.22 that allows an attacker to access local files without permission. The CVE-2021-25367 entries across multiple sources (NVD, Red Hat, CNVD, CVE listings, and related databases) describe the same issue. The connecte...
CVE-2021-25495
CVE-2021-25495 affects Samsung Notes’ libSPenBase. The issue is a heap buffer overflow caused by insufficient bounds checking in libSPenBase, allowing arbitrary code execution. Affected are Samsung Notes versions prior to 4.3.02.61. Some sources indicate the issue could be exploited by a remote a...
CVE-2018-10501
The CVE-2018-10501 issue affects Samsung Notes and is a local privilege-escalation vulnerability in the ZIP handling path validation. The root cause is improper validation of a user-supplied path used in file operations, enabling a local attacker to escalate privileges within the application. Aff...
CVE-2024-34635
The vulnerability is an out-of-bounds read in Samsung Notes, specifically in the parsing of the textbox object. Affected versions are prior to 4.4.21.62 , which could allow a local attacker to access unauthorized memory. The issue is confirmed across multiple feeds (Samsung Samsung Notes CVE-2024...
CVE-2024-34631
CVE-2024-34631 : Affected software is Samsung Notes prior to 4.4.21.62. The issue is an out-of-bounds read when applying a new binary, which could allow a local attacker to read memory. Affected version guidance from connected sources indicates remediation by updating to version 4.4.21.62 or late...
CVE-2021-25405
CVE-2021-25405 concerns Samsung Notes where an improper access control in the app’s ScreenOffActivity allows untrusted applications to access local files. The vulnerability affects Samsung Notes versions prior to 4.2.04.27 . The provided sources describe the issue as an incorrect access control c...
CVE-2024-34626
Samsung Notes is affected by CVE-2024-34626, with an out-of-bounds read in applying own binary prior to version 4.4.21.62. The issue allows local attackers to potentially read memory. Affected software/versions: Samsung Notes prior to 4.4.21.62. Root cause: out-of-bounds read when applying the ap...
CVE-2024-34625
Samsung Notes contains an out-of-bounds read in the logic for applying a connection point affecting versions prior to 4.4.21.62. This local vulnerability could allow an attacker with local access to read memory. The issue is confirmed across multiple sources, with PT-SECURITY (PT-2024-26042) iden...
CVE-2024-34633
CVE-2024-34633 involves an out-of-bounds read in parsing the object header of the Samsung Notes app. Affected software is Samsung Notes prior to version 4.4.21.62, where a local attacker could access unauthorized memory. Conclusions based on available sources: the vulnerability is local with no u...
CVE-2024-34623
CVE-2024-34623 describes an issue in Samsung Notes where an out‑of‑bounds write during applying connected information enables a local attacker to potentially execute arbitrary code with Samsung Notes privileges. Affected software: Samsung Notes prior to version 4.4.21.62. The vulnerability is doc...
CVE-2024-34634
Samsung Notes contains an out-of-bounds read vulnerability in the parsing of the connected object list, affecting versions prior to 4.4.21.62. This allows a local attacker to access unauthorized memory. The issue is documented across multiple sources (e.g., CVE-2024-34634 entries in NVD/CVE lists...
CVE-2024-34622
Samsung Notes contains an out-of-bounds write in the paragraph-append operation affecting versions prior to 4.4.21.62. This could allow local attackers to potentially execute arbitrary code with Samsung Notes privileges. Affected software: Samsung Notes (pre-4.4.21.62). Root cause: out-of-bounds ...