Filtered by vendor Samsung
Subscriptions
Total
969 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-30730 | 1 Samsung | 1 Samsung Pass | 2023-06-28 | 4.6 Medium |
| Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication. | ||||
| CVE-2022-30731 | 1 Samsung | 1 My Files | 2023-06-28 | 5.5 Medium |
| Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers to access arbitrary private files in My Files application. | ||||
| CVE-2022-30745 | 1 Samsung | 1 Quick Share | 2023-06-28 | 5.5 Medium |
| Improper access control vulnerability in Quick Share prior to version 13.1.2.4 allows attacker to access internal files in Quick Share. | ||||
| CVE-2022-28778 | 1 Samsung | 1 Samsung Security Supporter | 2023-06-28 | 3.3 Low |
| Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0 allows attacker to set the arbitrary folder as Secret Folder without Samsung Security Supporter permission | ||||
| CVE-2022-28777 | 1 Samsung | 1 Members | 2023-06-28 | 3.3 Low |
| Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALL_PHONE permission. | ||||
| CVE-2022-28776 | 1 Samsung | 1 Galaxy Store | 2023-06-28 | 7.8 High |
| Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user interactions. | ||||
| CVE-2022-28775 | 1 Samsung | 1 Samsung Flow | 2023-06-28 | 3.3 Low |
| Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to write the file without Samsung Flow permission. | ||||
| CVE-2022-27838 | 1 Samsung | 1 Factorycamera | 2023-06-28 | 7.8 High |
| Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege. | ||||
| CVE-2022-22265 | 2 Google, Samsung | 2 Android, Exynos | 2023-06-27 | 7.8 High |
| An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2022-22288 | 1 Samsung | 1 Galaxy Store | 2023-06-27 | 7.5 High |
| Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist. | ||||
| CVE-2022-23433 | 2 Google, Samsung | 2 Android, Reminder | 2023-06-27 | 5.3 Medium |
| Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely. | ||||
| CVE-2022-24932 | 2 Google, Samsung | 2 Android, Cloud | 2023-06-27 | 4.6 Medium |
| Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard. | ||||
| CVE-2022-36876 | 1 Samsung | 1 Samsung Pass | 2023-06-27 | 2.4 Low |
| Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication. | ||||
| CVE-2022-36859 | 1 Samsung | 1 Smarttagplugin | 2023-06-27 | 4.8 Medium |
| Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices. | ||||
| CVE-2022-36857 | 2 Google, Samsung | 2 Android, Photo Editor | 2023-06-27 | 2.4 Low |
| Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data. | ||||
| CVE-2022-36832 | 1 Samsung | 1 Cameralyzer | 2023-06-27 | 3.3 Low |
| Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege. | ||||
| CVE-2022-39902 | 1 Samsung | 2 Exynos, Exynos Firmware | 2023-06-27 | 7.5 High |
| Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call. | ||||
| CVE-2022-39877 | 2 Google, Samsung | 2 Android, Group Sharing | 2023-06-27 | 5.3 Medium |
| Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device. | ||||
| CVE-2022-39868 | 1 Samsung | 1 Smartthings | 2023-06-27 | 7.5 High |
| Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | ||||
| CVE-2022-39867 | 1 Samsung | 1 Smartthings | 2023-06-27 | 7.5 High |
| Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast. | ||||