Samsung Security Vulnerabilities (CVEs)

This vulnerability allows local attackers to bypass access controls in Samsung's SystemUI component, enabling them to launch privileged activities wit...

This vulnerability allows local attackers to write arbitrary files to Samsung Health's sandbox through improper input validation. It requires user int...

This vulnerability in Samsung Flow allows local attackers to copy image files to external storage without proper authorization. It affects Samsung Flo...

This vulnerability allows remote attackers to cause temporary denial of service through improper input validation when parsing RTCP Receiver Report pa...

This vulnerability allows remote attackers to cause temporary denial of service through improper input validation when parsing RTCP SDES packet data i...

This vulnerability allows remote attackers to execute arbitrary code with system privileges on affected Samsung devices by sending specially crafted R...

This vulnerability allows local attackers to bypass access controls in Samsung's SystemUI component, enabling them to launch privileged activities wit...

This vulnerability allows remote attackers to execute arbitrary code with system privileges by sending specially crafted RTCP packets to affected Sams...

This vulnerability in Samsung's IMS service allows local attackers to access sensitive information through improper use of implicit intents in FCM fun...

This vulnerability in Samsung's IMS service allows local attackers to access sensitive information through improper use of implicit intents in RCS fun...

This vulnerability in libsaped allows local attackers to write out-of-bounds memory due to improper input validation when copying data to buffer cache...

This vulnerability allows local attackers to bypass access controls in Samsung's SystemUI component, enabling them to launch privileged activities wit...

This vulnerability allows local attackers to trigger memory corruption through improper input validation in Samsung's libmediaextractorservice.so libr...

This vulnerability allows local attackers to bypass access restrictions in Samsung's Dar service, enabling unauthorized calls to SDP features. It affe...

This vulnerability in Samsung's OneUIHome launcher allows local attackers to launch privileged activities without proper authorization. User interacti...

This vulnerability in Samsung devices' Bluetooth Low Energy (BLE) stack allows nearby attackers to send malformed BLE packets that trigger abnormal be...

This vulnerability in Samsung Exynos processors allows attackers to write data beyond allocated memory boundaries due to insufficient buffer length ch...

This vulnerability in Samsung Exynos processors allows attackers to execute arbitrary code by exploiting improper validation of native handles. It aff...

A Use-After-Free vulnerability in Samsung Exynos mobile and wearable processors allows attackers to potentially execute arbitrary code or cause system...

A heap over-read vulnerability exists in Samsung Exynos mobile processors due to missing input validation in the slsi_send_action_frame_cert() functio...

This vulnerability in Samsung Exynos mobile processors allows attackers to read heap memory beyond allocated boundaries through a missing input valida...

This vulnerability in Samsung Exynos mobile processors allows attackers to read heap memory beyond allocated boundaries due to missing input validatio...

This vulnerability in Samsung Exynos mobile processors allows attackers to perform heap overwrite attacks by exploiting insufficient input validation ...

This vulnerability in Samsung Exynos mobile processors allows attackers to perform heap overwrite attacks by exploiting missing input validation in th...

This vulnerability in Samsung Exynos mobile processors allows attackers to overwrite heap memory by sending unvalidated input to the slsi_nan_config_g...

This vulnerability in Samsung Exynos mobile processors allows attackers to perform heap overwrite attacks by exploiting lack of input validation in th...

A vulnerability in Samsung Exynos baseband software allows improper format type checking in RRC (Radio Resource Control) messages, potentially leading...

This vulnerability in Samsung Exynos baseband software allows improper state checking in RRC (Radio Resource Control) protocols, potentially leading t...

A vulnerability in Samsung Exynos baseband software allows improper state checking of RRC Reconfiguration messages, potentially leading to sensitive i...

This vulnerability in GalaxyBudsManager PC software allows attackers to create arbitrary directories on the system. It affects users running GalaxyBud...

This vulnerability allows local attackers to misuse a privileged API in Samsung's BatteryStatsService. It affects Samsung devices running Android vers...

This vulnerability in Samsung Dialer allows local attackers to bypass permission checks and make phone calls without proper authorization. It affects ...

This vulnerability allows local attackers to write out-of-bounds memory in libsavscmn.so due to improper input validation. It affects Samsung mobile d...

This vulnerability allows local privileged attackers to execute arbitrary code on affected Samsung devices due to improper input validation in the chn...

This vulnerability in Samsung's libsheifdecadapter.so library allows local attackers to trigger memory corruption through improper input validation. I...

This vulnerability allows local attackers to execute arbitrary code on affected Samsung devices by exploiting a heap out-of-bounds write in the libsav...

This vulnerability allows local attackers to bypass access controls in Samsung's SmartManagerCN application, enabling them to perform privileged activ...

This vulnerability allows local attackers with existing user privileges to escalate to administrator privileges through arbitrary code execution durin...

This vulnerability in Samsung Notes allows local attackers to delete files with Samsung Notes application privileges under certain conditions. It affe...

This vulnerability in Galaxy Store allows local attackers to write arbitrary files with Galaxy Store's privileges due to improper intent verification ...

This vulnerability allows local attackers with insufficient privileges to modify TalkbackSE settings on Samsung Android devices. It affects Samsung de...

This vulnerability is an out-of-bounds write in SveService on Samsung devices that allows local privileged attackers to execute arbitrary code. It aff...

This vulnerability allows local attackers to monitor system resources through improper access control in DarManagerService on Samsung devices. It affe...

This CVE describes an authentication bypass vulnerability in Samsung's Setupwizard that allows physical attackers to skip the device activation step d...

This vulnerability allows physical attackers to bypass authentication and access Samsung Secure Folder in specific scenarios. It affects Samsung devic...

This vulnerability allows local attackers to bypass access controls in Samsung's CocktailBarService, enabling unauthorized access to information about...

This vulnerability in Samsung's TelephonyUI component allows local attackers to reboot Android devices without proper permissions. It affects Samsung ...

This CVE describes an out-of-bounds write vulnerability in the chunk parsing implementation of libsdffextractor library on Samsung devices. It allows ...

This is an out-of-bounds write vulnerability in Samsung's libsavsac.so library that allows a local attacker to execute arbitrary code with elevated pr...

This vulnerability is an out-of-bounds write in the padmd_vld_htbl function of libpadm.so on Samsung devices, allowing a local attacker to execute arb...