Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Samsung Subscribe
Filtered by product Members
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-25438 2 Google, Samsung 2 Android, Members 2022-07-25 4.6 MEDIUM 7.8 HIGH
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.
CVE-2021-25439 2 Google, Samsung 2 Android, Members 2022-07-25 2.1 LOW 3.3 LOW
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview.
CVE-2021-25374 2 Google, Samsung 2 Android, Members 2022-07-14 5.0 MEDIUM 7.5 HIGH
An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.
CVE-2022-30748 1 Samsung 1 Members 2022-06-14 2.1 LOW 5.5 MEDIUM
Unprotected dynamic receiver in Samsung Members prior to version 4.2.005 allows attacker to launch arbitrary activity.
CVE-2022-28777 1 Samsung 1 Members 2022-04-19 2.1 LOW 3.3 LOW
Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALL_PHONE permission.
CVE-2021-25342 2 Google, Samsung 2 Android, Members 2021-03-11 2.1 LOW 3.3 LOW
Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider.
CVE-2021-25343 2 Google, Samsung 2 Android, Members 2021-03-11 2.1 LOW 3.3 LOW
Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider.