This page lists publicly disclosed CVE vulnerabilities affecting linux tizen (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-25437 | Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows attackers to arbitrary code execution by replacing FOTA update file. | [email protected] | 9.8 | 2.35% | 2021-07-08 | 2026-06-16 |
| CVE-2021-25436 | Improper input validation vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows arbitrary code execution via Samsung Accessory Protocol. | [email protected] | 9.8 | 1.64% | 2021-07-08 | 2026-06-16 |
| CVE-2021-25435 | Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using recovery partition in wireless firmware download mode. | [email protected] | 9.8 | 1.68% | 2021-07-08 | 2026-06-16 |
| CVE-2021-25434 | Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using param partition in wireless firmware download mode. | [email protected] | 9.8 | 1.68% | 2021-07-08 | 2026-06-16 |
| CVE-2021-25433 | Improper authorization vulnerability in Tizen factory reset policy prior to Firmware update JUL-2021 Release allows untrusted applications to perform factory reset using dbus signal. | [email protected] | 5.5 | 0.22% | 2021-07-08 | 2026-06-16 |
| CVE-2018-16268 | The SoundServer/FocusServer system services in Tizen allow an unprivileged process to perform media-related system actions, due to improper D-Bus security policy configurations. Such actions include playing an arbitrary sound file or DTMF tones. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | [email protected] | 4.3 | 0.52% | 2020-01-22 | 2026-06-16 |
| CVE-2018-16267 | The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu, and prompting a popup with arbitrary strings. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | [email protected] | 8.1 | 0.68% | 2020-01-22 | 2026-06-16 |
| CVE-2018-16266 | The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | [email protected] | 8.1 | 0.70% | 2020-01-22 | 2026-06-16 |
| CVE-2018-16265 | The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | [email protected] | 6.5 | 0.59% | 2020-01-22 | 2026-06-16 |
| CVE-2018-16264 | The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | [email protected] | 6.5 | 0.58% | 2020-01-22 | 2026-06-16 |
| CVE-2018-16263 | The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | [email protected] | 8.8 | 0.78% | 2020-01-22 | 2026-06-16 |
| CVE-2018-16262 | The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | [email protected] | 8.8 | 0.78% | 2020-01-22 | 2026-06-16 |