Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Samsung Subscribe
Total 656 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-21424 1 Samsung 1 Android 2023-02-21 N/A 3.3 LOW
Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand.
CVE-2023-21423 1 Samsung 1 Android 2023-02-21 N/A 5.5 MEDIUM
Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action.
CVE-2023-21422 1 Samsung 1 Android 2023-02-21 N/A 5.5 MEDIUM
Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.
CVE-2023-21421 1 Samsung 1 Android 2023-02-21 N/A 7.8 HIGH
Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN.
CVE-2023-21442 1 Samsung 1 Android 2023-02-21 N/A 5.5 MEDIUM
Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information.
CVE-2023-21432 1 Samsung 1 Smart Things 2023-02-21 N/A 7.8 HIGH
Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner.
CVE-2023-21445 1 Samsung 1 Android 2023-02-17 N/A 7.8 HIGH
Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent.
CVE-2023-21446 1 Samsung 1 Android 2023-02-17 N/A 5.5 MEDIUM
Improper input validation in MyFiles prior to version 12.2.09 in Android R(11), 13.1.03.501 in Android S( 12) and 14.1.00.422 in Android T(13) allows local attacker to access data of MyFiles.
CVE-2023-21420 1 Samsung 1 Android 2023-02-17 N/A 7.8 HIGH
Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution.
CVE-2023-21451 1 Samsung 1 Android 2023-02-17 N/A 7.8 HIGH
A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions.
CVE-2023-21450 1 Samsung 1 One Hand Operation \+ 2023-02-17 N/A 2.1 LOW
Missing Authorization vulnerability in One Hand Operation + prior to version 6.1.21 allows multi-users to access owner's widget without authorization via gesture setting.
CVE-2023-21448 1 Samsung 1 Cloud 2023-02-17 N/A 3.3 LOW
Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png file.
CVE-2023-21447 1 Samsung 1 Cloud 2023-02-17 N/A 3.3 LOW
Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information with Samsung Cloud's privilege via implicit intent.
CVE-2023-21444 1 Samsung 1 Flow 2023-02-17 N/A 8.8 HIGH
Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands.
CVE-2023-21443 1 Samsung 1 Flow 2023-02-17 N/A 8.8 HIGH
Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands.
CVE-2023-21433 1 Samsung 1 Galaxy Store 2023-02-17 N/A 7.8 HIGH
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
CVE-2023-21431 1 Samsung 1 Bixby Vision 2023-02-17 N/A 3.3 LOW
Improper input validation in Bixby Vision prior to version 3.7.70.17 allows attacker to access data of Bixby Vision.
CVE-2023-21434 1 Samsung 1 Galaxy Store 2023-02-17 N/A 6.1 MEDIUM
Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.
CVE-2018-3912 1 Samsung 2 Sth-eth-250, Sth-eth-250 Firmware 2023-02-16 6.9 MEDIUM 7.8 HIGH
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. The strcpy call overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long "secretKey" value in order to exploit this vulnerability.
CVE-2018-21054 5 Google, Mediatek, Qualcomm and 2 more 14 Android, M6737t, Msm8909 and 11 more 2023-02-11 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018).