CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4632
https://notcve.org/view.php?id=CVE-2025-4632
13 May 2025 — Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority. • https://security.samsungtv.com/securityUpdates#SVP-MAY-2025 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20977
https://notcve.org/view.php?id=CVE-2025-20977
07 May 2025 — Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability. • https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20976
https://notcve.org/view.php?id=CVE-2025-20976
07 May 2025 — Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory. • https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=05 •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20964
https://notcve.org/view.php?id=CVE-2025-20964
07 May 2025 — Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20963
https://notcve.org/view.php?id=CVE-2025-20963
07 May 2025 — Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20962
https://notcve.org/view.php?id=CVE-2025-20962
07 May 2025 — Improper handling of insufficient permission in SpenGesture service prior to SMR May-2025 Release 1 allows local attackers to track the S Pen position. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20961
https://notcve.org/view.php?id=CVE-2025-20961
07 May 2025 — Improper handling of insufficient permission or privileges in sepunion service prior to SMR May-2025 Release 1 allows local privileged attackers to access files with system privilege. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20960
https://notcve.org/view.php?id=CVE-2025-20960
07 May 2025 — Improper handling of insufficient permission in CocktailBarService prior to SMR May-2025 Release 1 allows local attackers to use the privileged api. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20959
https://notcve.org/view.php?id=CVE-2025-20959
07 May 2025 — Use of implicit intent for sensitive communication in Wi-Fi P2P service prior to SMR May-2025 Release 1 allows local attackers to access sensitive information. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20958
https://notcve.org/view.php?id=CVE-2025-20958
07 May 2025 — Improper verification of intent by broadcast receiver in UnifiedWFC prior to SMR May-2025 Release 1 allows local attackers to manipulate VoWiFi related behaviors. • https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=05 •