Samsung Notes vulnerabilities

CVE-2025-21068 [MEDIUM] CWE-125 CVE-2025-21068: Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows l Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.

CVE-2025-21066 [MEDIUM] CWE-125 CVE-2025-21066: Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attac Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.

CVE-2025-21069 [MEDIUM] CWE-125 CVE-2025-21069: Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows l Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.

CVE-2025-21067 [MEDIUM] CWE-125 CVE-2025-21067: Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 all Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.

CVE-2025-21070 [MEDIUM] CWE-787 CVE-2025-21070: Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local atta Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory.

CVE-2025-21057 [MEDIUM] CVE-2025-21057: Use of implicit intent for sensitive communication in Samsung Notes prior to version 4.4.30.63 allow Use of implicit intent for sensitive communication in Samsung Notes prior to version 4.4.30.63 allows local attackers to access shared notes.

CVE-2025-21036 [MEDIUM] CVE-2025-21036: Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attacker Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User interaction is required for triggering this vulnerability.

CVE-2025-21037 [MEDIUM] CVE-2025-21037: Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to acc Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerability.

CVE-2025-20976 [MEDIUM] CWE-125 CVE-2025-20976: Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 al Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory.

CVE-2025-20977 [LOW] CVE-2025-20977: Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.

CVE-2025-20950 [MEDIUM] CVE-2025-20950: Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information.

CVE-2025-20922 [MEDIUM] CWE-125 CVE-2025-20922: Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows at Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVE-2025-20915 [MEDIUM] CWE-125 CVE-2025-20915: Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 a Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVE-2025-20918 [MEDIUM] CWE-125 CVE-2025-20918: Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.7 Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVE-2025-20931 [HIGH] CWE-787 CVE-2025-20931: Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local at Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.

CVE-2025-20916 [MEDIUM] CWE-125 CVE-2025-20916: Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows atta Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVE-2025-20929 [HIGH] CWE-787 CVE-2025-20929: Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local a Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.

CVE-2025-20919 [MEDIUM] CWE-125 CVE-2025-20919: Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 a Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVE-2025-20914 [MEDIUM] CWE-125 CVE-2025-20914: Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4. Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.

CVE-2025-20921 [MEDIUM] CWE-125 CVE-2025-20921: Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 al Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.