Vulnerabilites related to Samsung Mobile - Samsung notes
CVE-2025-21036 (GCVE-0-2025-21036)
Vulnerability from cvelistv5
Published
2025-09-03 06:05
Modified
2025-09-03 16:00
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User interaction is required for triggering this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21036",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-03T15:54:34.192379Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T16:00:28.873Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.30.63"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User interaction is required for triggering this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-927: Use of Implicit Intent for Sensitive Communication",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T06:05:41.363Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-21036",
"datePublished": "2025-09-03T06:05:41.363Z",
"dateReserved": "2024-11-06T02:30:14.886Z",
"dateUpdated": "2025-09-03T16:00:28.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20914 (GCVE-0-2025-20914)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 14:46
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20914",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T14:46:16.394044Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T14:46:37.931Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:16.935Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20914",
"datePublished": "2025-03-06T05:04:16.935Z",
"dateReserved": "2024-11-06T02:30:14.846Z",
"dateUpdated": "2025-03-06T14:46:37.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34658 (GCVE-0-2024-34658)
Vulnerability from cvelistv5
Published
2024-09-04 05:32
Modified
2024-09-04 12:49
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:samsung:notes:4.4.21.62:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "notes",
"vendor": "samsung",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T12:48:50.334813Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T12:49:18.969Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T05:32:44.085Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34658",
"datePublished": "2024-09-04T05:32:44.085Z",
"dateReserved": "2024-05-07T04:43:27.845Z",
"dateUpdated": "2024-09-04T12:49:18.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34631 (GCVE-0-2024-34631)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 13:25
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34631",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:25:19.640596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T13:25:32.006Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:28.070Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34631",
"datePublished": "2024-08-07T01:30:28.070Z",
"dateReserved": "2024-05-07T04:43:27.837Z",
"dateUpdated": "2024-08-07T13:25:32.006Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34621 (GCVE-0-2024-34621)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-08 15:44
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34621",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T15:28:47.383160Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T15:44:48.504Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:15.341Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34621",
"datePublished": "2024-08-07T01:30:15.341Z",
"dateReserved": "2024-05-07T04:43:27.835Z",
"dateUpdated": "2024-08-08T15:44:48.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20917 (GCVE-0-2025-20917)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:04
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20917",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:04:27.383618Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:04:46.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:20.348Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20917",
"datePublished": "2025-03-06T05:04:20.348Z",
"dateReserved": "2024-11-06T02:30:14.846Z",
"dateUpdated": "2025-03-06T15:04:46.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25405 (GCVE-0-2021-25405)
Vulnerability from cvelistv5
Published
2021-06-11 14:45
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=5 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: unspecified < 4.2.04.27 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.573Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes ",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.2.04.27",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files."
}
],
"metrics": [
{
"other": {
"content": {
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-11T14:45:23",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes ",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "4.2.04.27"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=5",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=5"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25405",
"datePublished": "2021-06-11T14:45:23",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.573Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20913 (GCVE-0-2025-20913)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:02
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:02:25.253620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:02:38.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:15.822Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20913",
"datePublished": "2025-03-06T05:04:15.822Z",
"dateReserved": "2024-11-06T02:30:14.845Z",
"dateUpdated": "2025-03-06T15:02:38.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20929 (GCVE-0-2025-20929)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-07 04:55
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20929",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T04:55:41.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:37.663Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20929",
"datePublished": "2025-03-06T05:04:37.663Z",
"dateReserved": "2024-11-06T02:30:14.854Z",
"dateUpdated": "2025-03-07T04:55:41.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20932 (GCVE-0-2025-20932)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 14:51
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20932",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T14:51:30.519398Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T14:51:38.702Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to\ud63bread out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:41.077Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20932",
"datePublished": "2025-03-06T05:04:41.077Z",
"dateReserved": "2024-11-06T02:30:14.855Z",
"dateUpdated": "2025-03-06T14:51:38.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34628 (GCVE-0-2024-34628)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-08 15:43
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34628",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-08T15:28:36.284320Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-08T15:43:39.088Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:24.472Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34628",
"datePublished": "2024-08-07T01:30:24.472Z",
"dateReserved": "2024-05-07T04:43:27.836Z",
"dateUpdated": "2024-08-08T15:43:39.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25493 (GCVE-0-2021-25493)
Vulnerability from cvelistv5
Published
2021-10-06 17:11
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: - < 4.3.02.61 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.3.02.61",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T17:11:03",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "-",
"version_value": "4.3.02.61"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25493",
"datePublished": "2021-10-06T17:11:03",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36831 (GCVE-0-2022-36831)
Vulnerability from cvelistv5
Published
2022-08-05 15:14
Modified
2024-08-03 10:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=08 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung notes |
Version: unspecified < 4.3.14.39 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:14:28.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=08"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.3.14.39",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0026#39;Path Traversal\u0026#39;)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-16T16:50:23",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=08"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2022-36831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "",
"version_value": "4.3.14.39"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0026#39;Path Traversal\u0026#39;)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=08",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=08"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2022-36831",
"datePublished": "2022-08-05T15:14:38",
"dateReserved": "2022-07-27T00:00:00",
"dateUpdated": "2024-08-03T10:14:28.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25496 (GCVE-0-2021-25496)
Vulnerability from cvelistv5
Published
2021-10-06 17:11
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: - < 4.3.02.61 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.3.02.61",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T17:11:26",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "-",
"version_value": "4.3.02.61"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25496",
"datePublished": "2021-10-06T17:11:26",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20925 (GCVE-0-2025-20925)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:48
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20925",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:48:02.378415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:48:10.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:33.122Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20925",
"datePublished": "2025-03-06T05:04:33.122Z",
"dateReserved": "2024-11-06T02:30:14.852Z",
"dateUpdated": "2025-03-06T15:48:10.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34622 (GCVE-0-2024-34622)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 13:18
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:samsung:notes:*:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "notes",
"vendor": "samsung",
"versions": [
{
"lessThan": "4.4.21.62",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34622",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:11:35.906309Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T13:18:24.709Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-787: Out-of-bounds Write",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:17.202Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34622",
"datePublished": "2024-08-07T01:30:17.202Z",
"dateReserved": "2024-05-07T04:43:27.835Z",
"dateUpdated": "2024-08-07T13:18:24.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25402 (GCVE-0-2021-25402)
Vulnerability from cvelistv5
Published
2021-06-11 14:45
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-922 - Insecure Storage of Sensitive Information
Summary
Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=5 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: unspecified < 4.2.04.27 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.2.04.27",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information."
}
],
"metrics": [
{
"other": {
"content": {
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922: Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-11T14:45:23",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25402",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "4.2.04.27"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-922: Insecure Storage of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=5",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=5"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25402",
"datePublished": "2021-06-11T14:45:23",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25355 (GCVE-0-2021-25355)
Vulnerability from cvelistv5
Published
2021-03-25 16:13
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-285 - Improper Authorization
Summary
Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/ | x_refsource_MISC | |
| https://security.samsungmobile.com/serviceWeb.smsb | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: unspecified < 4.2.00.22 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.2.00.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T16:13:55",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25355",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "4.2.00.22"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285 Improper Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/"
},
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb",
"refsource": "CONFIRM",
"url": "https://security.samsungmobile.com/serviceWeb.smsb"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25355",
"datePublished": "2021-03-25T16:13:55",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34634 (GCVE-0-2024-34634)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 13:18
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34634",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:17:48.537040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T13:18:59.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:31.743Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34634",
"datePublished": "2024-08-07T01:30:31.743Z",
"dateReserved": "2024-05-07T04:43:27.837Z",
"dateUpdated": "2024-08-07T13:18:59.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34624 (GCVE-0-2024-34624)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 13:28
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34624",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:27:42.586918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T13:28:00.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:19.607Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34624",
"datePublished": "2024-08-07T01:30:19.607Z",
"dateReserved": "2024-05-07T04:43:27.836Z",
"dateUpdated": "2024-08-07T13:28:00.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20920 (GCVE-0-2025-20920)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:00
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20920",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:00:04.738730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:00:14.300Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:23.836Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20920",
"datePublished": "2025-03-06T05:04:23.836Z",
"dateReserved": "2024-11-06T02:30:14.848Z",
"dateUpdated": "2025-03-06T15:00:14.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20927 (GCVE-0-2025-20927)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:40
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20927",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:40:26.236330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:40:35.147Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:35.371Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20927",
"datePublished": "2025-03-06T05:04:35.371Z",
"dateReserved": "2024-11-06T02:30:14.854Z",
"dateUpdated": "2025-03-06T15:40:35.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34623 (GCVE-0-2024-34623)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 15:31
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds write in applying connected information in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:samsung_mobile:samsung_notes:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "samsung_notes",
"vendor": "samsung_mobile",
"versions": [
{
"lessThan": "4.4.21.62",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34623",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T15:23:44.971808Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T15:31:05.852Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in applying connected information in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-787: Out-of-bounds Write",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:18.397Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34623",
"datePublished": "2024-08-07T01:30:18.397Z",
"dateReserved": "2024-05-07T04:43:27.835Z",
"dateUpdated": "2024-08-07T15:31:05.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34660 (GCVE-0-2024-34660)
Vulnerability from cvelistv5
Published
2024-09-04 05:32
Modified
2024-09-04 12:48
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:samsung:notes:4.4.21.62:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "notes",
"vendor": "samsung",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T12:45:11.984604Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T12:48:35.863Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T05:32:46.359Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34660",
"datePublished": "2024-09-04T05:32:46.359Z",
"dateReserved": "2024-05-07T04:43:27.845Z",
"dateUpdated": "2024-09-04T12:48:35.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20918 (GCVE-0-2025-20918)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:05
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20918",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:05:13.888952Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:05:47.774Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:21.562Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20918",
"datePublished": "2025-03-06T05:04:21.562Z",
"dateReserved": "2024-11-06T02:30:14.847Z",
"dateUpdated": "2025-03-06T15:05:47.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20922 (GCVE-0-2025-20922)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:55
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20922",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:55:28.991961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:55:37.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:26.063Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20922",
"datePublished": "2025-03-06T05:04:26.063Z",
"dateReserved": "2024-11-06T02:30:14.851Z",
"dateUpdated": "2025-03-06T15:55:37.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20924 (GCVE-0-2025-20924)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:50
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20924",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:48:26.933327Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:50:38.838Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-284: Improper Access Control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:32.027Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20924",
"datePublished": "2025-03-06T05:04:32.027Z",
"dateReserved": "2024-11-06T02:30:14.852Z",
"dateUpdated": "2025-03-06T15:50:38.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34626 (GCVE-0-2024-34626)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 14:08
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying own binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34626",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T14:08:44.568729Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T14:08:58.100Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying own binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:22.050Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34626",
"datePublished": "2024-08-07T01:30:22.050Z",
"dateReserved": "2024-05-07T04:43:27.836Z",
"dateUpdated": "2024-08-07T14:08:58.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25497 (GCVE-0-2021-25497)
Vulnerability from cvelistv5
Published
2021-10-06 17:11
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: - < 4.3.02.61 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.3.02.61",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T17:11:32",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25497",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "-",
"version_value": "4.3.02.61"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25497",
"datePublished": "2021-10-06T17:11:32",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34657 (GCVE-0-2024-34657)
Vulnerability from cvelistv5
Published
2024-09-04 05:32
Modified
2024-09-04 12:50
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:samsung:notes:4.4.21.62:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "notes",
"vendor": "samsung",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34657",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T12:49:35.523919Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T12:50:54.141Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T05:32:42.971Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34657",
"datePublished": "2024-09-04T05:32:42.971Z",
"dateReserved": "2024-05-07T04:43:27.845Z",
"dateUpdated": "2024-09-04T12:50:54.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34625 (GCVE-0-2024-34625)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 14:09
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34625",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:56:47.687291Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T14:09:20.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:20.848Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34625",
"datePublished": "2024-08-07T01:30:20.848Z",
"dateReserved": "2024-05-07T04:43:27.836Z",
"dateUpdated": "2024-08-07T14:09:20.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25495 (GCVE-0-2021-25495)
Vulnerability from cvelistv5
Published
2021-10-06 17:11
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: - < 4.3.02.61 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.3.02.61",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T17:11:19",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "-",
"version_value": "4.3.02.61"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25495",
"datePublished": "2021-10-06T17:11:19",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20928 (GCVE-0-2025-20928)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 14:54
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20928",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T14:54:16.811059Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T14:54:25.516Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:36.523Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20928",
"datePublished": "2025-03-06T05:04:36.523Z",
"dateReserved": "2024-11-06T02:30:14.854Z",
"dateUpdated": "2025-03-06T14:54:25.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34630 (GCVE-0-2024-34630)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 15:21
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying own binary with textbox in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34630",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T15:20:45.808701Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T15:21:11.262Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying own binary with textbox in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:26.850Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34630",
"datePublished": "2024-08-07T01:30:26.850Z",
"dateReserved": "2024-05-07T04:43:27.837Z",
"dateUpdated": "2024-08-07T15:21:11.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34635 (GCVE-0-2024-34635)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 17:33
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34635",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T17:28:18.109750Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T17:33:43.726Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:32.915Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34635",
"datePublished": "2024-08-07T01:30:32.915Z",
"dateReserved": "2024-05-07T04:43:27.837Z",
"dateUpdated": "2024-08-07T17:33:43.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20933 (GCVE-0-2025-20933)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 14:51
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20933",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T14:50:41.055214Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T14:51:09.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:42.188Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20933",
"datePublished": "2025-03-06T05:04:42.188Z",
"dateReserved": "2024-11-06T02:30:14.855Z",
"dateUpdated": "2025-03-06T14:51:09.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20931 (GCVE-0-2025-20931)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-07 04:55
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20931",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T04:55:39.665Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:39.891Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20931",
"datePublished": "2025-03-06T05:04:39.891Z",
"dateReserved": "2024-11-06T02:30:14.855Z",
"dateUpdated": "2025-03-07T04:55:39.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20915 (GCVE-0-2025-20915)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:03
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20915",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:02:46.343017Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:03:29.595Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:18.091Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20915",
"datePublished": "2025-03-06T05:04:18.091Z",
"dateReserved": "2024-11-06T02:30:14.846Z",
"dateUpdated": "2025-03-06T15:03:29.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20977 (GCVE-0-2025-20977)
Vulnerability from cvelistv5
Published
2025-05-07 08:24
Modified
2025-05-07 14:06
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20977",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T14:03:42.790012Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T14:06:03.881Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.29.23"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-927: Use of Implicit Intent for Sensitive Communication",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T08:24:34.627Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=05"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20977",
"datePublished": "2025-05-07T08:24:34.627Z",
"dateReserved": "2024-11-06T02:30:14.870Z",
"dateUpdated": "2025-05-07T14:06:03.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25492 (GCVE-0-2021-25492)
Vulnerability from cvelistv5
Published
2021-10-06 17:10
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: - < 4.3.02.61 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.3.02.61",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T17:10:57",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "-",
"version_value": "4.3.02.61"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25492",
"datePublished": "2021-10-06T17:10:57",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20868 (GCVE-0-2024-20868)
Vulnerability from cvelistv5
Published
2024-05-07 04:28
Modified
2024-08-01 22:06
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:samsung:samsung_notes:4.4.15:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "samsung_notes",
"vendor": "samsung",
"versions": [
{
"status": "unknown",
"version": "4.4.15"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20868",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-07T17:48:48.471474Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:20.131Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:06:36.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=05"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege under certain conditions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-20: Improper Input Validation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-07T04:28:56.248Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=05"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-20868",
"datePublished": "2024-05-07T04:28:56.248Z",
"dateReserved": "2023-12-05T04:57:52.542Z",
"dateUpdated": "2024-08-01T22:06:36.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34633 (GCVE-0-2024-34633)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 14:08
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T14:08:16.978553Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T14:08:27.897Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:30.500Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34633",
"datePublished": "2024-08-07T01:30:30.500Z",
"dateReserved": "2024-05-07T04:43:27.837Z",
"dateUpdated": "2024-08-07T14:08:27.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34627 (GCVE-0-2024-34627)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 13:20
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in parsing implemention in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34627",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:19:44.420466Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T13:20:31.414Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in parsing implemention in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:23.231Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34627",
"datePublished": "2024-08-07T01:30:23.231Z",
"dateReserved": "2024-05-07T04:43:27.836Z",
"dateUpdated": "2024-08-07T13:20:31.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20919 (GCVE-0-2025-20919)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:01
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20919",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:01:20.241971Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:01:28.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:22.709Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20919",
"datePublished": "2025-03-06T05:04:22.709Z",
"dateReserved": "2024-11-06T02:30:14.848Z",
"dateUpdated": "2025-03-06T15:01:28.285Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25367 (GCVE-0-2021-25367)
Vulnerability from cvelistv5
Published
2021-03-25 16:14
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/ | x_refsource_MISC | |
| https://security.samsungmobile.com/serviceWeb.smsb | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: unspecified < 4.2.00.22 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.2.00.22",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T16:14:52",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "4.2.00.22"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/"
},
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb",
"refsource": "CONFIRM",
"url": "https://security.samsungmobile.com/serviceWeb.smsb"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25367",
"datePublished": "2021-03-25T16:14:52",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25498 (GCVE-0-2021-25498)
Vulnerability from cvelistv5
Published
2021-10-06 17:11
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input
Summary
A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: - < 4.3.02.61 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.3.02.61",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T17:11:39",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25498",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "-",
"version_value": "4.3.02.61"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120: Buffer Copy without Checking Size of Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25498",
"datePublished": "2021-10-06T17:11:39",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34632 (GCVE-0-2024-34632)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 14:08
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34632",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:56:26.024014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T14:08:57.831Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:29.271Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34632",
"datePublished": "2024-08-07T01:30:29.271Z",
"dateReserved": "2024-05-07T04:43:27.837Z",
"dateUpdated": "2024-08-07T14:08:57.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20930 (GCVE-0-2025-20930)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 14:52
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20930",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T14:52:36.963260Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T14:52:51.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:38.786Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20930",
"datePublished": "2025-03-06T05:04:38.786Z",
"dateReserved": "2024-11-06T02:30:14.854Z",
"dateUpdated": "2025-03-06T14:52:51.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34629 (GCVE-0-2024-34629)
Vulnerability from cvelistv5
Published
2024-08-07 01:30
Modified
2024-08-07 13:11
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary with text common object in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34629",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:10:54.980820Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T13:11:05.704Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary with text common object in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T01:30:25.673Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=08"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34629",
"datePublished": "2024-08-07T01:30:25.673Z",
"dateReserved": "2024-05-07T04:43:27.836Z",
"dateUpdated": "2024-08-07T13:11:05.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20921 (GCVE-0-2025-20921)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:56
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20921",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:56:07.647249Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:56:41.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:24.923Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20921",
"datePublished": "2025-03-06T05:04:24.923Z",
"dateReserved": "2024-11-06T02:30:14.850Z",
"dateUpdated": "2025-03-06T15:56:41.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-34656 (GCVE-0-2024-34656)
Vulnerability from cvelistv5
Published
2024-09-04 05:32
Modified
2024-09-04 12:51
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:samsung:notes:4.4.21.62:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "notes",
"vendor": "samsung",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34656",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T12:51:18.633030Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T12:51:22.776Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.21.62"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-35: Path Traversal",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T05:32:41.804Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2024\u0026month=09"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2024-34656",
"datePublished": "2024-09-04T05:32:41.804Z",
"dateReserved": "2024-05-07T04:43:27.845Z",
"dateUpdated": "2024-09-04T12:51:22.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20976 (GCVE-0-2025-20976)
Vulnerability from cvelistv5
Published
2025-05-07 08:24
Modified
2025-05-07 14:19
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20976",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T14:18:13.022915Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T14:19:03.533Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.29.23"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T08:24:33.432Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=05"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20976",
"datePublished": "2025-05-07T08:24:33.432Z",
"dateReserved": "2024-11-06T02:30:14.868Z",
"dateUpdated": "2025-05-07T14:19:03.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20916 (GCVE-0-2025-20916)
Vulnerability from cvelistv5
Published
2025-03-06 05:04
Modified
2025-03-06 15:04
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20916",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:03:46.198403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T15:04:02.054Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"status": "unaffected",
"version": "4.4.26.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-125: Out-of-bounds Read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T05:04:19.208Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "SamsungMobile"
},
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2025\u0026month=03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "SamsungMobile",
"cveId": "CVE-2025-20916",
"datePublished": "2025-03-06T05:04:19.208Z",
"dateReserved": "2024-11-06T02:30:14.846Z",
"dateUpdated": "2025-03-06T15:04:02.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25494 (GCVE-0-2021-25494)
Vulnerability from cvelistv5
Published
2021-10-06 17:11
Modified
2024-08-03 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Samsung Mobile | Samsung Notes |
Version: - < 4.3.02.61 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:03:05.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Notes",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "4.3.02.61",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-06T17:11:12",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2021-25494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Notes",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "-",
"version_value": "4.3.02.61"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2021\u0026month=10"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2021-25494",
"datePublished": "2021-10-06T17:11:12",
"dateReserved": "2021-01-19T00:00:00",
"dateUpdated": "2024-08-03T20:03:05.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}