Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.0

    MEDIUM
    CVE-2021-25524

    Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to get Samsung Account ID.... Read more

    Affected Products : contacts
    • EPSS Score: %0.06
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-25523

    Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows attacker to get Samsung Account ID.... Read more

    Affected Products : dialer
    • EPSS Score: %0.06
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-25522

    Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission.... Read more

    Affected Products : smart_capture
    • EPSS Score: %0.06
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-25521

    Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.... Read more

    Affected Products : internet
    • EPSS Score: %0.06
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-25520

    Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet.... Read more

    Affected Products : internet
    • EPSS Score: %0.45
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-25519

    An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2021-25518

    An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-25517

    An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-25516

    An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations.... Read more

    Affected Products : android dex
    • EPSS Score: %0.12
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 4.0

    MEDIUM
    CVE-2021-25515

    An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-25514

    An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information.... Read more

    Affected Products : android dex
    • EPSS Score: %0.07
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 2.4

    LOW
    CVE-2021-25513

    An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-25512

    An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-25511

    An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-25510

    An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution.... Read more

    Affected Products : android dex
    • EPSS Score: %0.02
    • Published: Dec. 08, 2021
    • Modified: Nov. 21, 2024

  • 7.1

    HIGH
    CVE-2021-25509

    A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders.... Read more

    Affected Products : samsung_flow flow
    • EPSS Score: %0.06
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2021-25508

    Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.... Read more

    Affected Products : smartthings
    • EPSS Score: %0.27
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.7

    MEDIUM
    CVE-2021-25507

    Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization.... Read more

    Affected Products : samsung_flow flow
    • EPSS Score: %0.08
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-25506

    Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service.... Read more

    Affected Products : health
    • EPSS Score: %0.06
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-25505

    Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked.... Read more

    Affected Products : samsung_pass pass
    • EPSS Score: %0.15
    • Published: Nov. 05, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 291312 Results