Latest CVE Feed
-
7.1
HIGHCVE-2025-21067
Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.... Read more
Affected Products : notes- Published: Oct. 10, 2025
- Modified: Oct. 16, 2025
- Vuln Type: Memory Corruption
-
7.1
HIGHCVE-2025-21066
Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.... Read more
Affected Products : notes- Published: Oct. 10, 2025
- Modified: Oct. 16, 2025
- Vuln Type: Memory Corruption
-
6.6
MEDIUMCVE-2025-21065
Improper input validation in Retail Mode prior to version 5.59.11 allows self attackers to execute privileged commands on their own devices.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Authorization
-
8.8
HIGHCVE-2025-21064
Improper authentication in Smart Switch prior to version 3.7.66.6 allows adjacent attackers to access transferring data.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Authentication
-
4.6
MEDIUMCVE-2025-21063
Improper access control in Samsung Voice Recorder prior to version 21.5.73.12 in Android 15 and 21.5.81.40 in Android 16 allows physical attackers to access recording files on the lock screen.... Read more
Affected Products : voice_recorder- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Authorization
-
7.8
HIGHCVE-2025-21062
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows local attackers to replace the restoring application. User interaction is required for triggering this vulnerability.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Cryptography
-
7.1
HIGHCVE-2025-21061
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access sensitive data. User interaction is required for triggering this vulnerability.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Information Disclosure
-
5.5
MEDIUMCVE-2025-21060
Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access backup data from applications. User interaction is required for triggering this vulnerability.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Information Disclosure
-
6.2
MEDIUMCVE-2025-21059
Improper authorization in Samsung Health prior to version 6.30.5.105 allows local attackers to access data in Samsung Health.... Read more
Affected Products : health- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Authorization
-
7.3
HIGHCVE-2025-21058
Improper access control in Routines prior to version 4.8.7.1 in Android 15 and 4.9.6.0 in Android 16 allows local attackers to potentially execute arbitrary code with SystemUI privilege.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Authorization
-
4.0
MEDIUMCVE-2025-21057
Use of implicit intent for sensitive communication in Samsung Notes prior to version 4.4.30.63 allows local attackers to access shared notes.... Read more
Affected Products : notes- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Authorization
-
4.3
MEDIUMCVE-2025-21055
Out-of-bounds read and write in libimagecodec.quram.so prior to SMR Oct-2025 Release 1 allows remote attackers to access out-of-bounds memory.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Memory Corruption
-
4.0
MEDIUMCVE-2025-21054
Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Memory Corruption
-
4.0
MEDIUMCVE-2025-21053
Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Memory Corruption
-
4.0
MEDIUMCVE-2025-21052
Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Memory Corruption
-
4.0
MEDIUMCVE-2025-21051
Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Memory Corruption
-
7.1
HIGHCVE-2025-21050
Improper input validiation in Contacts prior to SMR Oct-2025 Release 1 allows local attackers to access data across multiple user profiles.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Authorization
-
5.5
MEDIUMCVE-2025-21049
Improper access control in SecSettings prior to SMR Oct-2025 Release 1 allows local attackers to access sensitive information. User interaction is required for triggering this vulnerability.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Authorization
-
6.7
MEDIUMCVE-2025-21048
Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers to execute arbitrary code.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Path Traversal
-
5.2
MEDIUMCVE-2025-21047
Improper access control in KnoxGuard prior to SMR Oct-2025 Release 1 allows physical attackers to use the privileged APIs.... Read more
Affected Products :- Published: Oct. 10, 2025
- Modified: Oct. 14, 2025
- Vuln Type: Authorization