Filtered by vendor Samsung
Subscriptions
Total
969 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-39861 | 1 Samsung | 1 Factorycamera | 2022-10-12 | 3.3 Low |
| Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege. | ||||
| CVE-2022-39863 | 1 Samsung | 1 Account | 2022-10-11 | 4.7 Medium |
| Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission. | ||||
| CVE-2022-39869 | 1 Samsung | 1 Smartthings | 2022-10-11 | 7.5 High |
| Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast. | ||||
| CVE-2022-39870 | 1 Samsung | 1 Smartthings | 2022-10-11 | 7.5 High |
| Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast. | ||||
| CVE-2022-39871 | 1 Samsung | 1 Smartthings | 2022-10-11 | 7.5 High |
| Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts. | ||||
| CVE-2022-39876 | 1 Samsung | 1 Reminder | 2022-10-11 | 3.3 Low |
| Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI. | ||||
| CVE-2022-39875 | 1 Samsung | 1 Account | 2022-10-11 | 4.4 Medium |
| Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout. | ||||
| CVE-2022-39874 | 1 Samsung | 1 Account | 2022-10-11 | 5.5 Medium |
| Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout. | ||||
| CVE-2022-39872 | 1 Samsung | 1 Sharelive | 2022-10-11 | 3.3 Low |
| Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device. | ||||
| CVE-2022-39854 | 2 Google, Samsung | 2 Android, Exynos | 2022-10-08 | 7.8 High |
| Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory. | ||||
| CVE-2022-39859 | 1 Samsung | 1 Uphelper Library | 2022-10-07 | 3.3 Low |
| Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12 allows attackers to access sensitive information via implicit intent. | ||||
| CVE-2022-39858 | 1 Samsung | 1 Factorycamera | 2022-10-07 | 7.8 High |
| Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege. | ||||
| CVE-2017-7978 | 1 Samsung | 1 Samsung Mobile | 2022-10-03 | N/A |
| Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290. | ||||
| CVE-2018-17969 | 1 Samsung | 2 Scx-6545x, Scx-6545x Firmware | 2022-10-03 | N/A |
| Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext credentials via iso.3.6.1.4.1.236.11.5.11.81.10.1.5.0 and iso.3.6.1.4.1.236.11.5.11.81.10.1.6.0 SNMP requests. | ||||
| CVE-2010-4284 | 1 Samsung | 1 Data Management Server | 2022-10-03 | N/A |
| SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2012-2980 | 5 Att, Htc, Samsung and 2 more | 9 Status, Chacha, Desire and 6 more | 2022-10-03 | N/A |
| The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages. | ||||
| CVE-2012-2990 | 1 Samsung | 1 Kies | 2022-10-03 | N/A |
| The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted HTML document. | ||||
| CVE-2012-4964 | 1 Samsung | 1 Printer Firmware | 2022-10-03 | N/A |
| The Samsung printer firmware before 20121031 has a hardcoded read-write SNMP community, which makes it easier for remote attackers to obtain administrative access via an SNMP request. | ||||
| CVE-2012-6422 | 2 Meizu, Samsung | 3 Mx, Galaxy Note 2, Galaxy S2 | 2022-10-03 | N/A |
| The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse. | ||||
| CVE-2012-6337 | 1 Samsung | 4 Galaxy Note 2, Galaxy S, Galaxy S2 and 1 more | 2022-10-03 | N/A |
| The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices shows the activation of remote tracking, which might allow physically proximate attackers to defeat a product-recovery effort by tampering with this feature or its location data. | ||||