Filtered by vendor Samsung
Subscribe
Total
1089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25492 | 1 Samsung | 1 Notes | 2024-11-21 | 3.6 LOW | 7.3 HIGH |
| Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read. | |||||
| CVE-2021-25491 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 2.1 LOW | 2.3 LOW |
| A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference. | |||||
| CVE-2021-25489 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 4.9 MEDIUM | 3.3 LOW |
| Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic. | |||||
| CVE-2021-25488 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read. | |||||
| CVE-2021-25487 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 4.6 MEDIUM | 7.3 HIGH |
| Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. | |||||
| CVE-2021-25481 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 4.6 MEDIUM | 6.4 MEDIUM |
| An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory. | |||||
| CVE-2021-25479 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25478 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25476 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 2.1 LOW | 4.1 MEDIUM |
| An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE. | |||||
| CVE-2021-25475 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 7.2 HIGH | 3.9 LOW |
| A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25471 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 5.0 MEDIUM | 3.7 LOW |
| A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion. | |||||
| CVE-2021-25470 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 3.6 LOW | 7.9 HIGH |
| An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE. | |||||
| CVE-2021-25469 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 4.6 MEDIUM | 6.0 MEDIUM |
| A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. | |||||
| CVE-2021-25468 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address. | |||||
| CVE-2021-25467 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 7.2 HIGH | 5.3 MEDIUM |
| Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library. | |||||
| CVE-2021-25466 | 1 Samsung | 1 Internet | 2024-11-21 | 5.0 MEDIUM | 6.5 MEDIUM |
| Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token. | |||||
| CVE-2021-25465 | 1 Samsung | 1 Themes | 2024-11-21 | 4.4 MEDIUM | 3.3 LOW |
| An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack. | |||||
| CVE-2021-25464 | 1 Samsung | 1 Capture | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| An improper file management vulnerability in SamsungCapture prior to version 4.8.02 allows sensitive information leak. | |||||
| CVE-2021-25463 | 1 Samsung | 1 Penup | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview. | |||||
| CVE-2021-25457 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 2.1 LOW | 5.9 MEDIUM |
| An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information. | |||||