CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2024-7399	High	—	SamsungMagicINFO 9 Server	Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.	Apr 24, 2026	KEV
CVE-2025-21042	High	1.8%	SamsungMobile Devices	Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbitrary code.	Nov 10, 2025	KEV
CVE-2025-21043	High	4.9%	SamsungMobile Devices	Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attackers to execute arbitrary code.	Oct 2, 2025	KEV
CVE-2025-4632	High	49.2%	SamsungMagicINFO 9 Server	Samsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as system authority.	May 22, 2025	KEV
CVE-2022-22265	High	0.2%	SamsungMobile Devices	Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution.	Sep 18, 2023	KEV
CVE-2021-25371	High	0.9%	SamsungMobile Devices	Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP.	Jun 29, 2023	KEV
CVE-2021-25372	High	1.0%	SamsungMobile Devices	Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access.	Jun 29, 2023	KEV
CVE-2021-25487	High	2.4%	SamsungMobile Devices	Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.	Jun 29, 2023	KEV
CVE-2021-25395	High	0.2%	SamsungMobile Devices	Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.	Jun 29, 2023	KEV
CVE-2021-25394	High	0.6%	SamsungMobile Devices	Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.	Jun 29, 2023	KEV
CVE-2021-25489	High	0.4%	SamsungMobile Devices	Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.	Jun 29, 2023	KEV
CVE-2023-21492	High	0.4%	SamsungMobile Devices	Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass.	May 19, 2023	KEV
CVE-2021-25370	High	0.2%	SamsungMobile Devices	Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.	Nov 8, 2022	KEV
CVE-2021-25337	High	1.1%	SamsungMobile Devices	Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerability was chained with CVE-2021-25369 and CVE-2021-25370.	Nov 8, 2022	KEV
CVE-2021-25369	High	0.2%	SamsungMobile Devices	Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to the userspace. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25370.	Nov 8, 2022	KEV

CVE-2024-7399KEV

High

Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.

Samsung

CVE-2025-21042KEV

High

Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbitrary code.

SamsungEPSS 1.8%

CVE-2025-21043KEV

High

Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attackers to execute arbitrary code.

SamsungEPSS 4.9%

CVE-2025-4632KEV

High

Samsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as system authority.

SamsungEPSS 49.2%

CVE-2022-22265KEV

High

Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution.

SamsungEPSS 0.2%

CVE-2021-25371KEV

High

Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP.

SamsungEPSS 0.9%

CVE-2021-25372KEV

High

Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access.

SamsungEPSS 1.0%

CVE-2021-25487KEV

High

Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.

SamsungEPSS 2.4%

CVE-2021-25395KEV

High

Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.

SamsungEPSS 0.2%

CVE-2021-25394KEV

High

Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.

SamsungEPSS 0.6%

CVE-2021-25489KEV

High

Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.

SamsungEPSS 0.4%

CVE-2023-21492KEV

High

Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass.

SamsungEPSS 0.4%

CVE-2021-25370KEV

High

Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.

SamsungEPSS 0.2%

CVE-2021-25337KEV

High

Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerability was chained with CVE-2021-25369 and CVE-2021-25370.

SamsungEPSS 1.1%

CVE-2021-25369KEV

High

Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to the userspace. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25370.

SamsungEPSS 0.2%