Samsung

Android

374 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.6

CVE-2025-20884

  • EPSS 0.04%
  • Published 04.02.2025 08:15:29
  • Last modified 12.02.2025 13:44:06

Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.

6.7

CVE-2025-20885

  • EPSS 0.02%
  • Published 04.02.2025 08:15:29
  • Last modified 25.03.2025 06:15:40

Out-of-bounds write in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to cause memory corruption.

4.4

CVE-2025-20886

  • EPSS 0.02%
  • Published 04.02.2025 08:15:29
  • Last modified 25.03.2025 06:15:40

Inclusion of sensitive information in test code in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key.

5.5

CVE-2025-20887

  • EPSS 0.02%
  • Published 04.02.2025 08:15:29
  • Last modified 12.02.2025 13:46:17

Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.

7.8

CVE-2025-20888

  • EPSS 0.02%
  • Published 04.02.2025 08:15:29
  • Last modified 12.02.2025 13:46:35

Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.

5.5

CVE-2025-20889

  • EPSS 0.02%
  • Published 04.02.2025 08:15:29
  • Last modified 12.02.2025 13:46:49

Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.

7.8

CVE-2025-20881

  • EPSS 0.02%
  • Published 04.02.2025 08:15:28
  • Last modified 12.02.2025 13:42:58

Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.

4.6

CVE-2024-49411

  • EPSS 0.06%
  • Published 03.12.2024 06:15:09
  • Last modified 10.02.2025 23:16:53

Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege.

7.8

CVE-2024-49413

  • EPSS 0.05%
  • Published 03.12.2024 06:15:09
  • Last modified 10.02.2025 22:14:08

Improper Verification of Cryptographic Signature in SmartSwitch prior to SMR Dec-2024 Release 1 allows local attackers to install malicious applications.

2.4

CVE-2024-49414

  • EPSS 0.05%
  • Published 03.12.2024 06:15:09
  • Last modified 10.02.2025 22:13:42

Authentication Bypass Using an Alternate Path in Dex Mode prior to SMR Dec-2024 Release 1 allows physical attackers to temporarily access to recent app list.