Vulnerabilities in Samsung Mobile
1,316 resultsCVE-2023-42532MEDIUMImproper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic includinEPSS 0.4%CVE-2023-42533MEDIUMImproper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in EPSS 0.4%CVE-2022-30739MEDIUMImproper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get an user email or phone number withEPSS 0.4%CVE-2022-28541MEDIUMUncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as SamEPSS 0.4%CVE-2023-30727MEDIUMImproper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary EPSS 0.4%CVE-2022-27574MEDIUMImproper input validation vulnerability in parser_iloc and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 ReleasEPSS 0.4%CVE-2024-20816HIGHImproper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackEPSS 0.4%CVE-2021-25440—Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files witEPSS 0.4%CVE-2022-36859MEDIUMImproper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victimEPSS 0.4%CVE-2023-30723MEDIUMImproper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung EPSS 0.4%CVE-2023-42561HIGHHeap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical attacker to execute arbitrary code.EPSS 0.4%CVE-2025-21079HIGHImproper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbitrary URL and launch arbitraryEPSS 0.4%CVE-2025-58488MEDIUMImproper verification of source of a communication channel in SmartTouchCall prior to version 1.0.1.1 allows remote attackers to access sensEPSS 0.4%CVE-2023-21479MEDIUMImproper authorization in Smart suggestions prior to SMR Apr-2023 Release 1 in Android 13 and 4.1.01.0 in Android 12 allows remote attackersEPSS 0.3%CVE-2024-20829MEDIUMMissing proper interaction for opening deeplink in Samsung Internet prior to version v24.0.0.0 allows remote attackers to open an applicatioEPSS 0.3%CVE-2024-49421MEDIUMPath traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adEPSS 0.3%CVE-2022-39871MEDIUMImproper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2022-39870MEDIUMImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2022-39867MEDIUMImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensEPSS 0.3%CVE-2022-39866MEDIUMImproper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitiEPSS 0.3%