Samsung

Android

374 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-20934

  • EPSS 0.01%
  • Published 08.04.2025 04:39:47
  • Last modified 30.04.2025 19:04:28

Improper access control in Sticker Center prior to SMR Apr-2025 Release 1 allows local attackers to access image files with system privilege.

6.7

CVE-2025-20904

  • EPSS 0.03%
  • Published 04.02.2025 08:15:32
  • Last modified 12.02.2025 13:48:47

Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption.

6.7

CVE-2025-20905

  • EPSS 0.03%
  • Published 04.02.2025 08:15:32
  • Last modified 12.02.2025 13:49:26

Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to read and write out-of-bounds memory.

4.4

CVE-2025-20907

  • EPSS 0.03%
  • Published 04.02.2025 08:15:32
  • Last modified 12.02.2025 13:49:49

Improper privilege management in Samsung Find prior to SMR Feb-2025 Release 1 allows local privileged attackers to disable Samsung Find.

7.8

CVE-2025-20890

  • EPSS 0.02%
  • Published 04.02.2025 08:15:30
  • Last modified 12.02.2025 13:47:05

Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.

5.5

CVE-2025-20891

  • EPSS 0.02%
  • Published 04.02.2025 08:15:30
  • Last modified 12.02.2025 13:47:21

Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.

5.9

CVE-2025-20892

  • EPSS 0.03%
  • Published 04.02.2025 08:15:30
  • Last modified 12.02.2025 13:47:40

Protection Mechanism Failure in bootloader prior to SMR Jan-2025 Release 1 allows physical attackers to allow to execute fastboot command. User interaction is required for triggering this vulnerability.

5.1

CVE-2025-20893

  • EPSS 0.03%
  • Published 04.02.2025 08:15:30
  • Last modified 12.02.2025 13:48:39

Improper access control in NotificationManager prior to SMR Jan-2025 Release 1 allows local attackers to change the configuration of notifications.

7.8

CVE-2025-20882

  • EPSS 0.02%
  • Published 04.02.2025 08:15:29
  • Last modified 12.02.2025 13:43:13

Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.

4.6

CVE-2025-20883

  • EPSS 0.04%
  • Published 04.02.2025 08:15:29
  • Last modified 12.02.2025 13:43:37

Improper access control in SoundPicker prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles.