Samsung Security Vulnerabilities (CVEs)

This vulnerability allows local attackers to read out-of-bounds memory in Samsung's camera library on affected devices. It affects Samsung devices run...

This vulnerability in Samsung Internet browser allows local attackers to read and write arbitrary files on non-Samsung devices due to improper permiss...

This vulnerability allows local attackers with physical or remote access to a device to read data with Smart Switch privileges when the user interacts...

An improper access control vulnerability in Samsung's AudioService allows local attackers to access sensitive information on affected devices. This af...

This vulnerability in Samsung's ThemeManager allows local privileged attackers to bypass trial restrictions and reuse premium theme items without paym...

This vulnerability allows local privileged attackers to obtain authentication tokens from the fingerprint trustlet component on Samsung devices. Attac...

This vulnerability in Samsung's fingerprint trustlet allows local privileged attackers to obtain HMAC keys through improper logging. It affects Samsun...

A NULL pointer dereference vulnerability in Samsung Exynos mobile processors allows attackers to cause a denial of service by triggering a system cras...

A double free vulnerability in Samsung Exynos mobile processors allows local attackers to escalate privileges by exploiting memory corruption. This af...

This vulnerability in Samsung Exynos 1480 and 2400 mobile processors allows attackers to write data beyond allocated memory boundaries due to missing ...

A memory corruption vulnerability in Samsung Exynos 1480 and 2400 mobile processors allows attackers to write data beyond allocated buffer boundaries....

This vulnerability in Samsung Exynos Wi-Fi chips allows out-of-bounds memory access due to missing boundary checks in the STOP_KEEP_ALIVE_OFFLOAD func...

A heap-based out-of-bounds write vulnerability in Samsung Exynos processors' GPRS protocol implementation allows attackers to write data beyond alloca...

This vulnerability allows attackers within Bluetooth range to crash Harman Becker MGU21 infotainment systems by sending malformed Bluetooth frames. No...

Samsung Internet for Galaxy Watch version 5.0.9 has a TLS certificate validation vulnerability that allows attackers to impersonate any website via ma...

This vulnerability in Samsung Exynos processors allows attackers to trigger out-of-bounds memory access by sending malformed RRC (Radio Resource Contr...

A vulnerability in Samsung's RRC (Radio Resource Control) implementation across multiple Exynos processors allows incorrect handling of undefined valu...

A memory corruption vulnerability in Samsung Exynos processors allows attackers to write data beyond allocated buffer boundaries due to missing length...

A memory corruption vulnerability in Samsung Exynos processors allows attackers to write data beyond allocated buffer boundaries due to missing length...

An out-of-bounds read vulnerability in Samsung Notes allows attackers to read memory beyond intended boundaries when processing binary text content. T...

This vulnerability allows attackers to read and write arbitrary files with Samsung Gallery's privileges due to improper access control. It affects Sam...

This vulnerability allows remote attackers to bypass access controls in Samsung Gallery app, potentially accessing user data and performing unauthoriz...

This vulnerability in Samsung Flow allows local attackers to modify the application's configuration through improper intent verification in broadcast ...

This vulnerability in Samsung's sepunion service allows local privileged attackers to escalate privileges and access files with system-level permissio...

This vulnerability allows local attackers to write out-of-bounds memory in libsavsvc.so, potentially leading to memory corruption and privilege escala...

This vulnerability in Samsung's Bixby wakeup feature allows local attackers to bypass permission checks and access sensitive data. It affects Samsung ...

A path traversal vulnerability in Samsung Members app allows attackers to read and write arbitrary files with the app's privileges. This affects Samsu...

This vulnerability in Samsung's EnrichedCall feature allows local attackers to access sensitive information through improper use of implicit intents. ...

This vulnerability allows physical attackers to access developer settings on Galaxy Watch devices due to improper export of Android application compon...

This vulnerability allows local attackers to bypass access controls in Samsung's SmartManagerCN application, enabling them to launch arbitrary activit...

This vulnerability in Samsung's Wi-Fi P2P service allows local attackers to access sensitive information by exploiting implicit intents. It affects Sa...

This vulnerability in Mdecservice allows local attackers to bypass access controls and read arbitrary files with system-level privileges. It affects S...

This vulnerability in Samsung's ClipboardService allows local attackers to access image files across multiple user accounts on the same device. It req...

This vulnerability allows local privileged attackers to read out-of-bounds memory in Samsung's cdsp frame secfr trustlet during enrollment. It affects...

This vulnerability allows local attackers to pair with specific Bluetooth devices on Galaxy Watches without user interaction. It affects Galaxy Watch ...

This vulnerability in Galaxy Store allows local attackers to write arbitrary files with Galaxy Store's privileges due to improper intent verification ...

An improper access control vulnerability in SamsungContacts allows local attackers to bypass protection mechanisms and access sensitive contact data. ...

This vulnerability allows local attackers to read out-of-bounds memory in Samsung devices by exploiting an out-of-bounds read in the libsavsac.so libr...

This vulnerability allows local attackers to reset the OAID (Open Anonymous Device Identifier) on Samsung devices by exploiting improper intent verifi...

This vulnerability allows local privileged attackers to perform out-of-bounds writes in the secfr trustlet component, leading to memory corruption. It...

This vulnerability allows local attackers to access scancode data from specific input devices due to improper access control in InputManager. It affec...

This vulnerability allows local attackers with shell privileges to escalate to root privileges through improper access control in the HDCP trustlet co...

This vulnerability allows network-adjacent attackers to bypass authentication on Samsung SmartThings Hub devices by exploiting improper cryptographic ...

This vulnerability allows attackers to send malformed messages through the Wi-Fi driver to Samsung Exynos processors, causing out-of-bounds memory acc...

A boundary check vulnerability in Samsung's NRMM component for multiple Exynos processors allows denial of service attacks. Attackers can exploit this...

This vulnerability in Samsung Exynos processors allows attackers to execute arbitrary code by sending specially crafted Registration Accept messages. ...