cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-20907,https://securityvulnerability.io/vulnerability/CVE-2025-20907,Improper Privilege Management in Samsung Find Affects Samsung Products,"The vulnerability involves improper privilege management in the Samsung Find feature, allowing local attackers with privileged access to disable the service. This security flaw can lead to unauthorized manipulation of the Samsung Find functionality, potentially exposing devices to further exploitation. Users are advised to update to the latest version following the SMR Feb-2025 Release 1 to mitigate risks associated with this vulnerability.",Samsung,Samsung Devices,6,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:24:52.124Z,0
CVE-2025-20906,https://securityvulnerability.io/vulnerability/CVE-2025-20906,Improper Export Vulnerability in Samsung Android Application Components,"An improper export vulnerability in Samsung Android application components allows local attackers to exploit settings prior to the SMR February 2025 Release 1. This weakness enables the activation of Android Debug Bridge (ADB), potentially leading to unauthorized access and execution of malicious actions on vulnerable devices. Users should ensure they update their systems to the latest security release to mitigate risks associated with this vulnerability.",Samsung,Samsung Devices,5.5,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:24:51.026Z,0
CVE-2025-20905,https://securityvulnerability.io/vulnerability/CVE-2025-20905,Out-of-Bounds Memory Vulnerability in mPOS TUI Trustlet by Samsung,"A security flaw exists in the mPOS TUI Trustlet prior to the SMR Feb-2025 Release 1, which allows local attackers with elevated privileges to perform out-of-bounds read and write operations. This may lead to unauthorized access to sensitive information or manipulation of memory, posing a significant risk to the integrity of the system.",Samsung,Samsung Devices,6.3,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:24:49.911Z,0
CVE-2025-20904,https://securityvulnerability.io/vulnerability/CVE-2025-20904,Out-of-Bounds Write Vulnerability in mPOS TUI Trustlet by Samsung,"The mPOS TUI trustlet has a vulnerability that allows local privileged attackers to exploit an out-of-bounds write condition, potentially leading to memory corruption. This issue affects devices running the mPOS TUI trustlet versions prior to the SMR Feb-2025 Release 1. Attackers may leverage this vulnerability to manipulate memory space, which could compromise system integrity. It is essential for users to update their systems to mitigate these risks.",Samsung,Samsung Devices,6.3,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:24:48.757Z,0
CVE-2025-20902,https://securityvulnerability.io/vulnerability/CVE-2025-20902,Improper Access Control in Samsung Media Controller Affects Local Privilege Escalation,"An improper access control vulnerability exists in the Samsung Media Controller, which can be exploited by a local attacker to gain elevated privileges. This security issue allows unauthorized activities to be launched within the Media Controller's privileged environment, making it essential for users to update to version 1.0.24.5282 or later to mitigate potential security risks.",Samsung,Media Controller,5.1,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:50.572Z,0
CVE-2025-20901,https://securityvulnerability.io/vulnerability/CVE-2025-20901,Out-of-Bounds Read Vulnerability in Blockchain Keystore by Samsung,"An out-of-bounds read vulnerability has been identified in the Blockchain Keystore prior to version 1.3.16.5, enabling local privileged attackers to access memory locations outside the intended buffer. This can lead to unauthorized information disclosure and potential exploitation of system resources. Users are urged to update to the latest version to mitigate this risk.",Samsung,Blockchain Keystore,4.4,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:49.444Z,0
CVE-2025-20900,https://securityvulnerability.io/vulnerability/CVE-2025-20900,Out-of-bounds Write Vulnerability in Blockchain Keystore by Samsung,"An out-of-bounds write vulnerability in Samsung's Blockchain Keystore versions prior to 1.3.16.5 allows local privileged attackers to manipulate memory beyond designated boundaries, potentially leading to unauthorized data access or system instability.",Samsung,Blockchain Keystore,6.3,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:48.350Z,0
CVE-2025-20899,https://securityvulnerability.io/vulnerability/CVE-2025-20899,Improper Access Control in PushNotification on Android Devices by Samsung,"The vulnerability in Samsung's PushNotification allows local attackers to exploit improper access controls, potentially gaining unapproved access to sensitive information. This issue exists in versions prior to 13.0.00.15 on Android 12, 14.0.00.7 on Android 13, and 15.1.00.5 on Android 14, which could lead to serious privacy breaches on affected devices.",Samsung,Pushnotification,4,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:47.244Z,0
CVE-2025-20898,https://securityvulnerability.io/vulnerability/CVE-2025-20898,Improper Input Validation in Samsung Members Affects User Data Privacy,"A vulnerability in Samsung Members prior to version 5.2.00.12 allows physical attackers to exploit improper input validation, granting them unauthorized access to sensitive data across multiple user profiles. This flaw raises significant privacy concerns, emphasizing the need for updated software to protect user information from potential threats.",Samsung,Samsung Members,4.6,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:46.159Z,0
CVE-2025-20897,https://securityvulnerability.io/vulnerability/CVE-2025-20897,Improper Access Control in Samsung Secure Folder on Android Devices,"An improper access control vulnerability exists in Samsung's Secure Folder across multiple Android versions. This flaw allows local attackers to gain unauthorized access to sensitive data stored within the Secure Folder, compromising user privacy and data integrity. The issue is present in versions released before specific updates for Android 12, 13, and 14, making it crucial for users to ensure they are using the latest version to mitigate potential risks.",Samsung,Secure Folder,6.8,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:45.024Z,0
CVE-2025-20896,https://securityvulnerability.io/vulnerability/CVE-2025-20896,Sensitive Information Disclosure in EasySetup by Samsung,"The vulnerability in EasySetup prior to version 11.1.18 arises from the use of implicit intents, which can be exploited by local attackers to gain unauthorized access to sensitive information. This can lead to potentially serious privacy and security risks, as attackers may retrieve data that should remain protected. It is essential for users of affected versions to apply the relevant updates to safeguard their sensitive information.",Samsung,Easysetup,4,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:43.898Z,0
CVE-2025-20895,https://securityvulnerability.io/vulnerability/CVE-2025-20895,Authentication Bypass Vulnerability in Galaxy Store by Samsung,"An authentication bypass vulnerability exists in the Galaxy Store prior to version 4.5.87.6, enabling physical attackers to exploit the Setupwizard. This flaw permits the installation of arbitrary applications, circumventing established restrictions and potentially leading to unauthorized access and installation of malicious software.",Samsung,Galaxy Store,3.2,LOW,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:42.808Z,0
CVE-2025-20894,https://securityvulnerability.io/vulnerability/CVE-2025-20894,Improper Access Control in Samsung Email by Samsung,"A vulnerability in Samsung Email prior to version 6.1.97.1 allows physical attackers to gain unauthorized access to sensitive information across multiple user profiles. This issue poses a significant risk to user data security, as it enables malicious individuals to exploit the existing access controls, leading to potential data breaches and privacy violations.",Samsung,Samsung Email,4.6,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:41.631Z,0
CVE-2025-20893,https://securityvulnerability.io/vulnerability/CVE-2025-20893,Improper Access Control in NotificationManager Affects Samsung Devices,"The NotificationManager in Samsung devices prior to the SMR January 2025 Release 1 is vulnerable to improper access control, potentially allowing local attackers to modify notification configurations. This vulnerability could lead to unauthorized changes, impacting the integrity of notifications and user awareness.",Samsung,Samsung Devices,5.1,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:40.532Z,0
CVE-2025-20892,https://securityvulnerability.io/vulnerability/CVE-2025-20892,Protection Mechanism Failure in Bootloader for Samsung Devices,"A vulnerability exists in the bootloader of Samsung devices released before the January 2025 Security Maintenance Release, allowing physical attackers to execute the fastboot command. This exploitation requires user interaction to trigger, posing a risk if an unauthorized individual gains access to the device.",Samsung,Samsung Devices,5.9,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:39.432Z,0
CVE-2025-20891,https://securityvulnerability.io/vulnerability/CVE-2025-20891,Out-of-Bounds Read Vulnerability in Samsung Video Processing Library,"An out-of-bounds read vulnerability exists in Samsung's libsthmbc.so library, specifically related to the processing of malformed video thumbnails. This flaw enables local attackers to potentially access arbitrary memory locations, which could lead to information disclosure. The exploit requires user interaction and affects versions prior to the SMR Jan-2025 Release 1.",Samsung,Samsung Devices,5.3,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:38.335Z,0
CVE-2025-20890,https://securityvulnerability.io/vulnerability/CVE-2025-20890,Out-of-Bounds Write Vulnerability in Samsung Mobile Software,"An out-of-bounds write vulnerability in the libsthmbc.so component prior to the SMR Jan-2025 Release 1 allows local attackers to exploit the system by executing arbitrary code. This flaw necessitates user interaction to trigger, posing a significant risk to systems using the affected version. Users are advised to update their software to mitigate potential exploitation.",Samsung,Samsung Devices,7,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:37.251Z,0
CVE-2025-20889,https://securityvulnerability.io/vulnerability/CVE-2025-20889,Out-of-Bounds Read Vulnerability in libsthmbc.so Affecting Samsung Products,"This vulnerability allows local attackers to exploit an out-of-bounds read condition in the decoding of malformed bitstreams in the libsthmbc.so library. Triggering the problem requires user interaction, which can lead to unauthorized access to sensitive data stored in memory. This issue impacts various Samsung devices prior to the SMR Jan-2025 Release 1, potentially putting user information at risk.",Samsung,Samsung Devices,5.3,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:36.135Z,0
CVE-2025-20888,https://securityvulnerability.io/vulnerability/CVE-2025-20888,Out-of-Bounds Write Vulnerability in Samsung Mobile Software,"An out-of-bounds write vulnerability exists in the handling of the block size for the smp4vtd component within libsthmbc.so in Samsung Mobile Software. This flaw allows local attackers to exploit the vulnerability to execute arbitrary code with elevated privileges, contingent upon user interaction. The vulnerability must be addressed to maintain system integrity and prevent potential unauthorized actions.",Samsung,Samsung Devices,7,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:35.006Z,0
CVE-2025-20887,https://securityvulnerability.io/vulnerability/CVE-2025-20887,Out-of-Bounds Read Vulnerability in libsthmbc.so Affects Samsung Products,"A vulnerability exists in libsthmbc.so that allows local attackers to exploit an out-of-bounds read condition. This occurs during the access of a specific table associated with svp8t, which may lead to unauthorized reading of arbitrary memory. User interaction is required to trigger this vulnerability, potentially compromising system integrity. It is crucial for users to apply the latest security updates to mitigate the risks associated with this issue.",Samsung,Samsung Devices,5.3,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:33.828Z,0
CVE-2025-20886,https://securityvulnerability.io/vulnerability/CVE-2025-20886,Sensitive Information Exposure in SoftSIM TA for Samsung Devices,"The SoftSIM Trusted Application (TA) released by Samsung prior to the January 2025 Security Maintenance Release (SMR) contains a vulnerability that allows local privileged attackers to access sensitive test keys. This situation arises from the inclusion of confidential information in test code, which could potentially compromise the integrity and security of affected devices. Users are advised to update their systems promptly to mitigate this risk.",Samsung,Samsung Devices,4.1,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:32.626Z,0
CVE-2025-20885,https://securityvulnerability.io/vulnerability/CVE-2025-20885,Out-of-Bounds Write Vulnerability in SoftSim TA by Samsung,"An out-of-bounds write vulnerability in the SoftSim Trusted Application (TA) pre-dating the SMR January 2025 Release 1 can be exploited by local privileged attackers. This weakness may lead to unintended memory corruption, potentially allowing malicious actors to manipulate application behavior or escalate privileges within the affected systems.",Samsung,Samsung Devices,6.4,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:31.385Z,0
CVE-2025-20884,https://securityvulnerability.io/vulnerability/CVE-2025-20884,Improper Access Control Vulnerability in Samsung Messaging Application,"An improper access control vulnerability exists in the Samsung Messaging application, affecting versions prior to the SMR Jan-2025 Release 1. This flaw enables physical attackers to gain unauthorized access to data across multiple user profiles, posing a significant security risk to user privacy and data integrity. Users are advised to update their messaging app to the latest version to mitigate this vulnerability.",Samsung,Samsung Devices,4.6,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:30.246Z,0
CVE-2025-20883,https://securityvulnerability.io/vulnerability/CVE-2025-20883,Improper Access Control in SoundPicker by Samsung,"The SoundPicker application from Samsung has a security flaw that enables physical attackers to improperly access sensitive data across multiple user profiles. This flaw exists in versions released before the SMR January 2025 Release 1, highlighting the importance of maintaining up-to-date software to mitigate potential risks associated with unauthorized data access.",Samsung,Samsung Devices,4.6,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:29.121Z,0
CVE-2025-20882,https://securityvulnerability.io/vulnerability/CVE-2025-20882,Out-of-bounds Write Vulnerability in Samsung Mobile's libsthmbc.so,"The vulnerability exists due to an out-of-bounds write condition that exposes uninitialized memory in libsthmbc.so prior to the SMR Jan-2025 Release 1. Local attackers can exploit this flaw to execute arbitrary code, but it requires user interaction to trigger the vulnerability. This can lead to significant security risks if exploited, highlighting the importance of keeping software up-to-date.",Samsung,Samsung Devices,7,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:27.982Z,0