Filtered by vendor Samsung
Subscribe
Total
1324 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-39868 | 1 Samsung | 1 Smartthings | 2023-06-27 | N/A | 7.5 HIGH |
| Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | |||||
| CVE-2022-39867 | 1 Samsung | 1 Smartthings | 2023-06-27 | N/A | 7.5 HIGH |
| Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast. | |||||
| CVE-2022-39866 | 1 Samsung | 1 Smartthings | 2023-06-27 | N/A | 7.5 HIGH |
| Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | |||||
| CVE-2022-39865 | 1 Samsung | 1 Smartthings | 2023-06-27 | N/A | 7.5 HIGH |
| Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | |||||
| CVE-2022-39860 | 1 Samsung | 1 Quick Share | 2023-06-27 | N/A | 3.5 LOW |
| Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast. | |||||
| CVE-2022-39857 | 1 Samsung | 1 Factorycamerafb | 2023-06-27 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51 allows attackers to access broadcasting Intent as system uid privilege. | |||||
| CVE-2022-39862 | 2 Google, Samsung | 2 Android, Dynamic Lockscreen | 2023-06-27 | N/A | 9.8 CRITICAL |
| Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api. | |||||
| CVE-2022-39864 | 1 Samsung | 1 Smartthings | 2023-06-27 | N/A | 7.5 HIGH |
| Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent. | |||||
| CVE-2021-25380 | 1 Samsung | 1 Bixby | 2023-06-26 | 7.5 HIGH | 7.3 HIGH |
| Improper handling of exceptional conditions in Bixby prior to version 3.0.53.02 allows attacker to execute the actions registered by the user. | |||||
| CVE-2021-25527 | 1 Samsung | 1 Pay | 2023-06-26 | 2.1 LOW | 3.3 LOW |
| Improper export of Android application components vulnerability in Samsung Pay (India only) prior to version 4.1.77 allows attacker to access Bill Pay and Recharge menu without authentication. | |||||
| CVE-2022-24923 | 1 Samsung | 1 Searchwidget | 2023-06-23 | 2.1 LOW | 3.3 LOW |
| Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview. | |||||
| CVE-2022-24002 | 1 Samsung | 1 Link Sharing | 2023-06-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers to open protected activity via PreconditionActivity. | |||||
| CVE-2022-24924 | 1 Samsung | 1 Livewallpaperservice | 2023-06-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a proper permission. | |||||
| CVE-2022-23994 | 1 Samsung | 1 Wear Os | 2023-06-23 | 4.3 MEDIUM | 3.3 LOW |
| An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permission. | |||||
| CVE-2022-24926 | 1 Samsung | 1 Smarttagplugin | 2023-06-23 | 3.5 LOW | 5.4 MEDIUM |
| Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices. | |||||
| CVE-2022-24930 | 1 Samsung | 1 Wear Os | 2023-06-23 | 4.3 MEDIUM | 3.3 LOW |
| An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper permission | |||||
| CVE-2022-25824 | 1 Samsung | 1 Bixby Touch | 2023-06-23 | 2.1 LOW | 3.3 LOW |
| Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview. | |||||
| CVE-2023-21514 | 1 Samsung | 1 Galaxy Store | 2023-06-21 | N/A | 8.8 HIGH |
| Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | |||||
| CVE-2023-21516 | 1 Samsung | 1 Galaxy Store | 2023-06-03 | N/A | 9.6 CRITICAL |
| XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | |||||
| CVE-2023-21515 | 1 Samsung | 1 Galaxy Store | 2023-06-03 | N/A | 8.8 HIGH |
| InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | |||||