Samsung Calendar vulnerabilities

5 known vulnerabilities affecting samsung/calendar.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3LOW2

Vulnerabilities

Page 1 of 1
CVE-2025-21035MEDIUMCVSS 4.6fixed in 12.5.06.5fixed in 12.6.01.122025-09-03
CVE-2025-21035 [MEDIUM] CVE-2025-21035: Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 Improper access control in Samsung Calendar prior to version 12.5.06.5 in Android 14 and 12.6.01.12 in Android 15 allows physical attackers to access data across multiple user profiles.
nvd
CVE-2023-30678MEDIUMCVSS 5.5fixed in 12.4.07.152023-07-06
CVE-2023-30678 [MEDIUM] CWE-22 CVE-2023-30678: Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in An Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file.
nvd
CVE-2023-21464LOWCVSS 3.3fixed in 12.4.02.9000fixed in 12.3.08.20002023-03-16
CVE-2023-21464 [MEDIUM] CWE-281 CVE-2023-21464: Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08 Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status.
nvd
CVE-2022-39915MEDIUMCVSS 5.5fixed in 11.6.08.0fixed in 12.2.11.3000+2 more2022-12-08
CVE-2022-39915 [LOW] CWE-284 CVE-2022-39915: Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2 Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent.
nvd
CVE-2022-33705LOWCVSS 3.3fixed in 12.3.05.100002022-07-12
CVE-2022-33705 [LOW] CWE-285 CVE-2022-33705: Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar s Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission.
nvd