Every CVE whose affected-product data names Samsung Notes, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (63)
CVE-2024-34657 — CVSS 8.6 (high): Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code.
CVE-2024-34623 — CVSS 7.8 (high): Out-of-bounds write in applying connected information in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially…
CVE-2024-34622 — CVSS 7.8 (high): Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute…
CVE-2021-25492 — CVSS 7.3 (high): Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read.
CVE-2024-34660 — CVSS 7.3 (high): Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code.
CVE-2021-25495 — CVSS 7.3 (high): A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows…
CVE-2021-25496 — CVSS 7.3 (high): A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version…
CVE-2021-25497 — CVSS 7.3 (high): A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version…
CVE-2021-25498 — CVSS 7.3 (high): A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version…
CVE-2024-34656 — CVSS 7.3 (high): Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code.
CVE-2025-20929 — CVSS 7.3 (high): Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.
CVE-2025-20931 — CVSS 7.3 (high): Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.
CVE-2018-10501 — CVSS 7.0 (high): This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31…
CVE-2022-36831 — CVSS 6.2 (medium): Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung…
CVE-2024-34621 — CVSS 5.5 (medium): Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read…
CVE-2021-25355 — CVSS 5.5 (medium): Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via…
CVE-2021-25405 — CVSS 5.5 (medium): An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to…
CVE-2024-34624 — CVSS 5.5 (medium): Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
CVE-2024-34625 — CVSS 5.5 (medium): Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read…
CVE-2024-34626 — CVSS 5.5 (medium): Out-of-bounds read in applying own binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
CVE-2024-34627 — CVSS 5.5 (medium): Out-of-bounds read in parsing implemention in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
CVE-2024-34628 — CVSS 5.5 (medium): Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read…
CVE-2024-34629 — CVSS 5.5 (medium): Out-of-bounds read in applying binary with text common object in Samsung Notes prior to version 4.4.21.62 allows local attackers to…
CVE-2024-34630 — CVSS 5.5 (medium): Out-of-bounds read in applying own binary with textbox in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially…
CVE-2024-34631 — CVSS 5.5 (medium): Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
CVE-2025-20913 — CVSS 5.5 (medium): Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds…
CVE-2025-20914 — CVSS 5.5 (medium): Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read…
CVE-2025-20915 — CVSS 5.5 (medium): Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds…
CVE-2025-20916 — CVSS 5.5 (medium): Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVE-2025-20917 — CVSS 5.5 (medium): Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds…
CVE-2025-20918 — CVSS 5.5 (medium): Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read…
CVE-2025-20919 — CVSS 5.5 (medium): Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds…
CVE-2025-20920 — CVSS 5.5 (medium): Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVE-2025-20921 — CVSS 5.5 (medium): Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds…
CVE-2025-20922 — CVSS 5.5 (medium): Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVE-2025-20925 — CVSS 5.5 (medium): Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read…
CVE-2025-20927 — CVSS 5.5 (medium): Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory.
CVE-2025-20928 — CVSS 5.5 (medium): Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory.
CVE-2025-20930 — CVSS 5.5 (medium): Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
CVE-2025-20932 — CVSS 5.5 (medium): Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds…
CVE-2025-20933 — CVSS 5.5 (medium): Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
CVE-2025-20976 — CVSS 5.5 (medium): Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds…
CVE-2025-21036 — CVSS 5.0 (medium): Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User…
CVE-2025-20924 — CVSS 4.6 (medium): Improper access control in Samsung Notes prior to version 4.4.26.71 allows physical attackers to access data across multiple user profiles.
CVE-2024-20868 — CVSS 4.4 (medium): Improper input validation in Samsung Notes prior to version 4.4.15 allows local attackers to delete files with Samsung Notes privilege…
CVE-2025-21037 — CVSS 4.1 (medium): Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles…
CVE-2024-34634 — CVSS 4.0 (medium): Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access…
CVE-2024-34635 — CVSS 4.0 (medium): Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized…
CVE-2021-25494 — CVSS 4.0 (medium): A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary…
CVE-2021-25493 — CVSS 4.0 (medium): Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read
CVE-2025-21066 — CVSS 4.0 (medium): Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.
CVE-2025-21057 — CVSS 4.0 (medium): Use of implicit intent for sensitive communication in Samsung Notes prior to version 4.4.30.63 allows local attackers to access shared…
CVE-2024-34632 — CVSS 4.0 (medium): Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.
CVE-2024-34633 — CVSS 4.0 (medium): Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory.
CVE-2025-21069 — CVSS 4.0 (medium): Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds…
CVE-2025-20950 — CVSS 4.0 (medium): Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive…
CVE-2025-21070 — CVSS 4.0 (medium): Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory.
CVE-2025-21067 — CVSS 4.0 (medium): Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access…
CVE-2025-21068 — CVSS 4.0 (medium): Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds…
CVE-2021-25367 — CVSS 3.7 (low): Path Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.
CVE-2021-25402 — CVSS 3.3 (low): Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information.
CVE-2025-20977 — CVSS 3.3 (low): Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get…