Filtered by vendor Samsung
Subscribe
Total
656 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36832 | 1 Samsung | 1 Cameralyzer | 2022-10-27 | N/A | 3.3 LOW |
| Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege. | |||||
| CVE-2022-36831 | 1 Samsung | 1 Notes | 2022-10-27 | N/A | 5.5 MEDIUM |
| Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission. | |||||
| CVE-2022-36830 | 1 Samsung | 2 Charm, Charm Firmware | 2022-10-27 | N/A | 5.5 MEDIUM |
| PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | |||||
| CVE-2022-36829 | 1 Samsung | 2 Charm, Charm Firmware | 2022-10-27 | N/A | 5.5 MEDIUM |
| PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | |||||
| CVE-2021-25399 | 1 Samsung | 1 Smart Manager | 2022-10-25 | 3.6 LOW | 7.1 HIGH |
| Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege. | |||||
| CVE-2021-25338 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2022-10-25 | 3.6 LOW | 5.2 MEDIUM |
| Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region. | |||||
| CVE-2019-6741 | 1 Samsung | 2 Galaxy S9, Galaxy S9 Firmware | 2022-10-12 | 5.8 MEDIUM | 9.3 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). User interaction is required to exploit this vulnerability in that the target must connect to a wireless network. The specific flaw exists within the captive portal. By manipulating HTML, an attacker can force a page redirection. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7476. | |||||
| CVE-2022-39862 | 2 Google, Samsung | 2 Android, Dynamic Lockscreen | 2022-10-11 | N/A | 9.8 CRITICAL |
| Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api. | |||||
| CVE-2022-39861 | 1 Samsung | 1 Factorycamera | 2022-10-11 | N/A | 3.3 LOW |
| Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege. | |||||
| CVE-2022-39860 | 1 Samsung | 1 Quick Share | 2022-10-11 | N/A | 3.5 LOW |
| Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast. | |||||
| CVE-2022-39863 | 1 Samsung | 1 Account | 2022-10-11 | N/A | 4.7 MEDIUM |
| Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission. | |||||
| CVE-2022-39864 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent. | |||||
| CVE-2022-39865 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | |||||
| CVE-2022-39866 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | |||||
| CVE-2022-39867 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast. | |||||
| CVE-2022-39868 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | |||||
| CVE-2022-39869 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast. | |||||
| CVE-2022-39870 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast. | |||||
| CVE-2022-39871 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts. | |||||
| CVE-2022-39878 | 1 Samsung | 1 Checkout | 2022-10-11 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast. | |||||