CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1251 CVE-2019-20619 200 +Info 2020-03-24 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with P(9.0) software. Secure Startup leaks keyboard suggested words. The Samsung ID is SVE-2019-13773 (March 2019).
1252 CVE-2019-20618 287 2020-03-24 2020-03-26
5.0
None Remote Low Not required None Partial None
An issue was discovered on Samsung mobile devices with P(9.0) software. The Pin Window feature allows unauthenticated unpinning of an app. The Samsung ID is SVE-2018-13765 (March 2019).
1253 CVE-2019-20617 200 +Info 2020-03-24 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with P(9.0) software. Secure Folder leaks preview data of recent apps. The Samsung ID is SVE-2018-13764 (March 2019).
1254 CVE-2019-20616 200 +Info 2020-03-24 2020-03-27
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks a thumbnail of Private Mode content. The Samsung ID is SVE-2018-13563 (March 2019).
1255 CVE-2019-20615 20 Bypass 2020-03-24 2021-07-21
2.1
None Local Low Not required None Partial None
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Attackers can bypass Factory Reset Protection (FRP) via SVoice T&C. The Samsung ID is SVE-2018-13547 (March 2019).
1256 CVE-2019-20614 200 +Info 2020-03-24 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Allshare allows attackers to access sensitive information. The Samsung ID is SVE-2018-13453 (March 2019).
1257 CVE-2019-20613 89 Sql 2020-03-24 2020-03-30
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is time-based SQL injection in Contacts. The Samsung ID is SVE-2018-13452 (March 2019).
1258 CVE-2019-20612 DoS 2020-03-24 2020-08-24
5.0
None Remote Low Not required None None Partial
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Broadcom Wi-Fi, and SEC Wi-Fi chipsets) software. Wi-Fi allows a denial of service via TCP SYN packets. The Samsung ID is SVE-2018-13162 (March 2019).
1259 CVE-2019-20611 787 Exec Code Overflow 2020-03-24 2020-03-30
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), Go(8.1), P(9.0), and Go(9.0) (Exynos chipsets) software. A baseband stack overflow leads to arbitrary code execution. The Samsung ID is SVE-2019-13963 (April 2019).
1260 CVE-2019-20609 200 +Info 2020-03-24 2021-07-21
3.3
None Local Network Low Not required Partial None None
An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can use Smartwatch to view Secure Folder notification content. The Samsung ID is SVE-2019-13899 (April 2019).
1261 CVE-2019-20608 2020-03-24 2020-08-24
5.0
None Remote Low Not required None Partial None
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. An attacker can use Emergency mode to disable features. The Samsung IDs are SVE-2018-13164, SVE-2018-13165 (April 2019).
1262 CVE-2019-20606 20 2020-03-24 2021-07-21
5.8
None Remote Medium Not required None Partial Partial
An issue was discovered on Samsung mobile devices with any (before May 2019) software. A phishing attack against OMACP can change the network and internet settings. The Samsung ID is SVE-2019-14073 (May 2019).
1263 CVE-2019-20605 787 Overflow 2020-03-24 2020-03-30
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A heap overflow occurs for baseband in the Shannon modem. The Samsung ID is SVE-2019-14071 (May 2019).
1264 CVE-2019-20604 2020-03-24 2020-03-30
5.0
None Remote Low Not required None None Partial
An issue was discovered on Samsung mobile devices with O(8.x) software. Attackers can disable Gallery permanently. The Samsung ID is SVE-2019-14031 (May 2019).
1265 CVE-2019-20603 476 2020-03-24 2020-03-26
5.0
None Remote Low Not required None None Partial
An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets) software. The ESECOMM Trustlet has a NULL pointer dereference. The Samsung ID is SVE-2019-13950 (May 2019).
1266 CVE-2019-20602 476 2020-03-24 2020-03-26
5.0
None Remote Low Not required None None Partial
An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets) software. The Authnr Trustlet has a NULL pointer dereference. The Samsung ID is SVE-2019-13949 (May 2019).
1267 CVE-2019-20599 20 2020-03-24 2021-07-21
5.0
None Remote Low Not required None Partial None
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Voice Assistant mishandles the notification audibility of a secured app. The Samsung ID is SVE-2018-13326 (May 2019).
1268 CVE-2019-20598 200 +Info 2020-03-24 2021-07-21
2.1
None Local Low Not required Partial None None
An issue was discovered on Samsung mobile devices with O(8.x) software. Bixby leaks the keyboard's learned words, and the clipboard contents, via the lock screen. The Samsung IDs are SVE-2018-12896, SVE-2018-12897 (May 2019).
1269 CVE-2019-20597 200 +Info 2020-03-24 2021-07-21
6.4
None Remote Low Not required Partial Partial None
An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) software. SPENgesture allows arbitrary applications to read or modify user-input logs. The Samsung ID is SVE-2019-14170 (June 2019).
1270 CVE-2019-20595 306 2020-03-24 2020-08-24
2.1
None Local Low Not required None Partial None
An issue was discovered on Samsung mobile devices with P(9.0) software. Quick Panel allows enabling or disabling the Bluetooth stack without authentication. The Samsung ID is SVE-2019-14545 (July 2019).
1271 CVE-2019-20594 787 Overflow 2020-03-24 2020-03-26
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (Exynos chipsets) software. A heap overflow exists in the bootloader. The Samsung ID is SVE-2019-14371 (July 2019).
1272 CVE-2019-20593 200 +Info 2020-03-24 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks Private Mode thumbnails. The Samsung ID is SVE-2019-14208 (July 2019).
1273 CVE-2019-20592 89 Sql 2020-03-24 2020-03-30
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Story Video Editor Content Provider. The Samsung ID is SVE-2019-14062 (July 2019).
1274 CVE-2019-20591 89 Sql 2020-03-24 2020-03-30
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Gear VR Service Content Provider. The Samsung ID is SVE-2019-14058 (July 2019).
1275 CVE-2019-20589 843 Exec Code 2020-03-24 2020-03-30
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SKPM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14892 (August 2019).
1276 CVE-2019-20588 843 Exec Code 2020-03-24 2020-03-30
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14891 (August 2019).
1277 CVE-2019-20587 843 Exec Code 2020-03-24 2020-03-27
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the MLDAP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14867 (August 2019).
1278 CVE-2019-20586 843 Exec Code 2020-03-24 2020-03-27
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the FINGERPRINT Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14864 (August 2019).
1279 CVE-2019-20585 843 Exec Code 2020-03-24 2020-03-27
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEC_FR Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14851 (August 2019).
1280 CVE-2019-20584 843 Exec Code 2020-03-24 2020-03-27
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the HDCP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14850 (August 2019).
1281 CVE-2019-20583 843 Exec Code 2020-03-24 2020-03-27
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the EXT_FR Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14847 (August 2019).
1282 CVE-2019-20581 787 Exec Code Overflow 2020-03-24 2020-03-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A stack overflow in the HDCP Trustlet causes arbitrary code execution. The Samsung ID is SVE-2019-14665 (August 2019).
1283 CVE-2019-20580 200 Bypass +Info 2020-03-24 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with P(9.0) software. The Motion photo player allows attackers to bypass the Secure Folder feature to view images. The Samsung ID is SVE-2019-14653 (August 2019).
1284 CVE-2019-20579 200 +Info 2020-03-24 2021-07-21
2.1
None Local Low Not required Partial None None
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Gallery allows attackers to enable Location information sharing from the lock screen. The Samsung ID is SVE-2019-14462 (August 2019).
1285 CVE-2019-20577 2020-03-24 2020-08-24
7.8
None Remote Low Not required None None Complete
An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The MALI GPU Driver allows a kernel panic. The Samsung ID is SVE-2019-14372 (August 2019).
1286 CVE-2019-20576 89 Sql 2020-03-24 2020-03-30
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with P(9.0) software. The MemorySaver Content Provider allows SQL injection. The Samsung ID is SVE-2019-14365 (August 2019).
1287 CVE-2019-20575 916 2020-03-24 2020-03-27
4.8
None Local Network Low Not required Partial Partial None
An issue was discovered on Samsung mobile devices with P(9.0) software. The WPA3 handshake feature allows a downgrade or dictionary attack. The Samsung ID is SVE-2019-14204 (August 2019).
1288 CVE-2019-20574 89 Sql 2020-03-24 2020-03-27
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Wi-Fi history Content Provider. The Samsung ID is SVE-2019-14061 (August 2019).
1289 CVE-2019-20573 89 Sql 2020-03-24 2020-03-27
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the RCS Content Provider. The Samsung IDs are SVE-2019-14059, SVE-2019-14685 (August 2019).
1290 CVE-2019-20571 843 Exec Code 2020-03-24 2020-03-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. There is type confusion in the WVDRM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14885 (September 2019).
1291 CVE-2019-20570 20 Bypass 2020-03-24 2021-07-21
5.0
None Remote Low Not required None Partial None
An issue was discovered on Samsung mobile devices with P(9.0), O(8.0), and N(7.1) software. Attackers can bypass Factory Reset Protection (FRP) via Smart Switch. The Samsung ID is SVE-2019-15138 (September 2019).
1292 CVE-2019-20569 20 Bypass 2020-03-24 2021-07-21
2.1
None Local Low Not required None Partial None
An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can bypass Factory Reset Protection (FRP) via the status bar. The Samsung ID is SVE-2019-15089 (September 2019).
1293 CVE-2019-20568 416 2020-03-24 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) devices (Exynos and Qualcomm chipsets) software. A race condition causes a Use-After-Free. The Samsung ID is SVE-2019-15067 (September 2019).
1294 CVE-2019-20567 787 Exec Code Overflow 2020-03-24 2020-03-30
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A up_parm heap overflow leads to code execution in the bootloader. The Samsung ID is SVE-2019-14993 (September 2019).
1295 CVE-2019-20565 287 2020-03-24 2020-03-27
5.0
None Remote Low Not required None Partial None
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) software. Attackers can change the USB configuration without authentication. The Samsung ID is SVE-2018-13300 (September 2019).
1296 CVE-2019-20563 787 2020-03-24 2020-03-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. The SEC_FR trustlet has an out of bounds write. The Samsung ID is SVE-2019-15272 (October 2019).
1297 CVE-2019-20562 120 Overflow 2020-03-24 2020-03-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with P(9.0) (with TEEGRIS) software. There is a buffer overflow in the BIOSUB Trustlet. The Samsung ID is SVE-2019-15264 (October 2019).
1298 CVE-2019-20561 190 2020-03-24 2020-03-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 (October 2019).
1299 CVE-2019-20560 787 2020-03-24 2020-03-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. The BIOSUB Trustlet has an out of bounds write. The Samsung ID is SVE-2019-15261 (October 2019).
1300 CVE-2019-20559 200 +Info 2020-03-24 2021-07-21
2.1
None Local Low Not required Partial None None
An issue was discovered on Samsung mobile devices with P(9.0) software. Gallery allows viewing of photos on the lock screen. The Samsung ID is SVE-2019-15055 (October 2019).
Total number of vulnerabilities : 3865   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 (This Page)27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.