Samsung Security Vulnerabilities (CVEs)

This CVE describes an intent redirection vulnerability in Samsung's SecSettings application that allows attackers to access arbitrary files with syste...

This vulnerability allows a local attacker to write data beyond allocated memory boundaries in Samsung's libaudiosaplus_sec.so library, potentially le...

This vulnerability allows local attackers on Samsung devices to access location information without proper authorization. It affects Samsung devices r...

This vulnerability in Samsung's SemClipboard service allows attackers to bypass access controls and read arbitrary files with system-level permissions...

This vulnerability allows a physical attacker with USB access to execute arbitrary code in the bootloader of Samsung Exynos devices due to improper in...

This vulnerability allows a physical attacker with USB access to execute arbitrary code in the bootloader of Samsung devices with Exynos chipsets. It ...

This vulnerability in Samsung Exynos baseband chips allows incorrect handling of unencrypted messages due to a 3GPP specification implementation error...

This vulnerability allows attackers to bypass access controls in Samsung's Telephony framework, potentially accessing sensitive files with elevated pe...

This vulnerability allows local attackers on Samsung devices to access location information through improper access control in the SLocation service. ...

This CVE describes a PendingIntent hijacking vulnerability in Samsung's CertificatePolicy framework component that allows local attackers to bypass co...

This vulnerability allows attackers to gain SYSTEM privileges on Windows systems by exploiting insecure file deletion during Samsung Magician updates....

A buffer overflow vulnerability in Samsung Exynos processors allows attackers to execute arbitrary code or cause denial of service via specially craft...

This vulnerability allows local privileged attackers to perform out-of-bounds memory writes in the detaching crypto box component of Blockchain Keysto...

CVE-2025-21018 is an out-of-bounds read vulnerability in Blockchain Keystore that allows local privileged attackers to read memory beyond allocated bo...

An improper authorization vulnerability in Samsung Health allows local attackers to access sensitive health data stored in the application. This affec...

This vulnerability allows local privileged attackers to write out-of-bounds memory when creating bitmap images in Blockchain Keystore. It affects syst...

This vulnerability allows local privileged attackers to write out-of-bounds memory in the drawing pinpad component of Blockchain Keystore. Attackers w...

A path traversal vulnerability in Samsung's Document scanner allows local attackers to delete arbitrary files with the application's elevated privileg...

This vulnerability allows local attackers to bypass access controls and read device identifiers on Samsung mobile devices. It affects Samsung devices ...

A privilege management vulnerability in SamsungAccount allows local attackers with elevated privileges to deactivate Samsung accounts on affected devi...

This vulnerability in Samsung's Emergency SoS feature allows local attackers to access sensitive information due to improper export of an Android appl...

This vulnerability in Samsung Exynos mobile processors allows attackers to write data beyond allocated memory boundaries when processing JPEG images. ...

CVE-2025-53082 is an arbitrary file deletion vulnerability in Samsung DMS that allows attackers to delete files from unintended filesystem locations. ...

This path traversal vulnerability in Samsung DMS allows authenticated attackers to write arbitrary files to unintended filesystem locations. Attackers...

An execution after redirect vulnerability in Samsung DMS allows attackers to execute limited functions without proper permissions, potentially comprom...

This vulnerability in Samsung DMS allows attackers to execute arbitrary code by exploiting insecure deserialization of untrusted data. Attackers can w...

This path traversal vulnerability in Samsung MagicINFO 9 Server allows attackers to escape restricted directories and inject malicious code. It affect...

This path traversal vulnerability in Samsung MagicINFO 9 Server allows attackers to access files outside the intended directory, potentially leading t...

An improper access control vulnerability in the isemtelephony component on Android devices allows local attackers to access sensitive information. Thi...

This vulnerability allows local attackers to write out-of-bounds memory in the MPEG4 codec handling within libsavsvc.so on Android devices. It affects...

This vulnerability allows local attackers to cause memory corruption via an out-of-bounds read in the libsavsvc.so library when decoding frame headers...

This vulnerability allows local attackers to reset certain configuration settings on Galaxy Watch devices due to incorrect default permissions. It aff...

This vulnerability allows secondary users on Samsung Galaxy Tablets to access the primary owner's saved Wi-Fi passwords due to improper authorization ...

This vulnerability allows local attackers to stop Auracast broadcasting on Samsung devices due to improper access control in LeAudioService. It affect...

This vulnerability allows local attackers to access sensitive information stored insecurely in the Emergency SOS feature on Samsung devices. It affect...

This vulnerability allows local privileged attackers to write out-of-bounds memory in the KnoxVault trustlet, potentially leading to memory corruption...

A missing length check in Samsung Exynos 2400 and Modem 5400 chips allows attackers to cause denial of service via malformed PDCP packets. This affect...

A use-after-free vulnerability in Samsung Exynos 2200, 1480, and 2400 mobile processors allows local attackers to escalate privileges. This affects de...

A double free vulnerability in Samsung Exynos mobile processors allows local attackers to escalate privileges on affected devices. This affects smartp...