cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-20894,https://securityvulnerability.io/vulnerability/CVE-2025-20894,Improper Access Control in Samsung Email by Samsung,"A vulnerability in Samsung Email prior to version 6.1.97.1 allows physical attackers to gain unauthorized access to sensitive information across multiple user profiles. This issue poses a significant risk to user data security, as it enables malicious individuals to exploit the existing access controls, leading to potential data breaches and privacy violations.",Samsung,Samsung Email,4.6,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T07:19:41.631Z,0
CVE-2024-34636,https://securityvulnerability.io/vulnerability/CVE-2024-34636,Attackers can Steal Sensitive Information via Implicit Intent in Pre-6.1.94.2 Samsung Email,Use of implicit intent for sensitive communication in Samsung Email prior to version 6.1.94.2 allows local attackers to get sensitive information.,Samsung,Samsung Email,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-07T01:30:34.088Z,0
CVE-2024-20867,https://securityvulnerability.io/vulnerability/CVE-2024-20867,Samsung Email Privilege Management Vulnerability Allows Local Access to Sensitive Information,Improper privilege management vulnerability in Samsung Email prior to version 6.1.91.14 allows local attackers to access sensitive information.,Samsung,Samsung Email,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-07T04:28:55.132Z,0
CVE-2024-20807,https://securityvulnerability.io/vulnerability/CVE-2024-20807,Implicit Intent Hijacking Vulnerability in Samsung Email Products,"An implicit intent hijacking vulnerability exists in Samsung Email versions prior to 6.1.90.16, which allows local attackers to potentially access sensitive information without authorization. This flaw could be exploited by manipulating the implicit intents within the application, leading to unauthorized data exposure. Users of affected versions are advised to update to the latest release to mitigate the risks associated with this vulnerability.",Samsung,Samsung Email,3.3,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-01-04T01:15:00.000Z,0
CVE-2023-42553,https://securityvulnerability.io/vulnerability/CVE-2023-42553,Improper Authorization in Samsung Email Affects User Data Security,"A vulnerability exists in Samsung Email that allows unauthorized attackers to access sandbox data, compromising user information and privacy. This flaw, present in versions prior to 6.1.90.4, can lead to potential data breaches, posing a significant risk to users who rely on this email client for secure communication. It is crucial for users to update their applications to the latest version to mitigate this threat and protect their sensitive information.",Samsung,Samsung Email,5.3,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2023-11-07T08:15:00.000Z,0
CVE-2023-30729,https://securityvulnerability.io/vulnerability/CVE-2023-30729,Improper Certificate Validation in Samsung Email,"Vulnerability in Samsung Email prior to version 6.1.82.0 allows remote attackers to perform man-in-the-middle attacks by exploiting improper certificate validation. This flaw can result in the interception of network traffic, potentially exposing sensitive user information. Users are advised to update their software to the latest version to mitigate this risk.",Samsung,Samsung Email,8.1,HIGH,0.001129999989643693,false,,false,false,false,,,false,false,,2023-09-06T04:15:00.000Z,0
CVE-2022-36864,https://securityvulnerability.io/vulnerability/CVE-2022-36864,Improper Access Control in Samsung Email App,"The Samsung Email application version prior to 6.1.70.20 suffers from an improper access control issue. This vulnerability allows attackers to gain unauthorized access to specific formatted files and perform actions with elevated privileges, potentially compromising user security and data integrity. Users are advised to update their application to mitigate the risk of exploitation.",Samsung,Samsung Email,4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-09-09T14:40:05.000Z,0
CVE-2022-36837,https://securityvulnerability.io/vulnerability/CVE-2022-36837,Intent Redirection Vulnerability in Samsung Email App by Samsung,"An intent redirection vulnerability exists in the Samsung Email application prior to version 6.1.70.20. This flaw allows attackers to exploit implicit intents to redirect users, potentially accessing sensitive information without proper authorization. Users are advised to update their applications to the latest version to mitigate any risks associated with this vulnerability. For further information, visit the official Samsung Mobile security portal.",Samsung,Samsung Email,6.2,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-08-05T15:15:52.000Z,0
CVE-2022-22287,https://securityvulnerability.io/vulnerability/CVE-2022-22287,Arbitrary File Access Vulnerability in Samsung Email Software,"An arbitrary file access vulnerability exists in Samsung Email versions prior to 6.1.60.16. This flaw enables attackers to gain unauthorized access to isolated data within the application’s sandbox, potentially compromising sensitive user information. Ensuring your software is up-to-date is critical to mitigate risks associated with this vulnerability.",Samsung,Samsung Email,3.9,LOW,0.0006600000197067857,false,,false,false,false,,,false,false,,2022-01-10T14:12:00.000Z,0
CVE-2021-25376,https://securityvulnerability.io/vulnerability/CVE-2021-25376,,An improper synchronization logic in Samsung Email prior to version 6.1.41.0 can leak messages in certain mailbox in plain text when STARTTLS negotiation is failed.,Samsung,Samsung Email,3.1,LOW,0.0006900000153109431,false,,false,false,false,,,false,false,,2021-04-09T17:39:06.000Z,0
CVE-2021-25375,https://securityvulnerability.io/vulnerability/CVE-2021-25375,,Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote attackers to get attachments of another emails when users open the malicious attachment.,Samsung,Samsung Email,6.5,MEDIUM,0.0020000000949949026,false,,false,false,false,,,false,false,,2021-04-09T17:38:48.000Z,0
CVE-2018-10497,https://securityvulnerability.io/vulnerability/CVE-2018-10497,,"This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of EML files. The issue results from the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the application. Was ZDI-CAN-5328.",Samsung,Samsung Email,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2018-09-24T23:29:00.000Z,0
CVE-2018-10498,https://securityvulnerability.io/vulnerability/CVE-2018-10498,,"This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of file:/// URIs. The issue lies in the lack of proper validation of user-supplied data, which can allow for reading arbitrary files. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges. Was ZDI-CAN-5329.",Samsung,Samsung Email,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2018-09-24T23:29:00.000Z,0