Filtered by vendor Samsung Subscriptions
Total 1110 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-36859 1 Samsung 1 Smarttagplugin 2024-11-21 5.7 Medium
Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices.
CVE-2022-36857 2 Google, Samsung 2 Android, Photo Editor 2024-11-21 1.9 Low
Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.
CVE-2022-36851 1 Samsung 1 Samsung Pass 2024-11-21 3.9 Low
Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device.
CVE-2022-36840 1 Samsung 1 Update 2024-11-21 4.5 Medium
DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.
CVE-2022-36839 1 Samsung 1 Checkout 2024-11-21 5.9 Medium
SQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows attackers to access IAP information.
CVE-2022-36838 1 Samsung 1 Galaxy Wearable 2024-11-21 4 Medium
Implicit Intent hijacking vulnerability in Galaxy Wearable prior to version 2.2.50 allows attacker to get sensitive information.
CVE-2022-36837 1 Samsung 1 Samsung Email 2024-11-21 6.2 Medium
Intent redirection vulnerability using implicit intent in Samsung email prior to version 6.1.70.20 allows attacker to get sensitive information.
CVE-2022-36836 1 Samsung 2 Charm, Charm Firmware 2024-11-21 6.2 Medium
Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows attackers to read connection state without permission.
CVE-2022-36835 1 Samsung 1 Samsung Internet Browser 2024-11-21 3.3 Low
Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files.
CVE-2022-36834 1 Samsung 1 Game Launcher 2024-11-21 3.3 Low
Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction.
CVE-2022-36833 2 Google, Samsung 2 Android, Gameoptimizingservice 2024-11-21 7.3 High
Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name.
CVE-2022-36832 1 Samsung 1 Cameralyzer 2024-11-21 4 Medium
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege.
CVE-2022-36831 1 Samsung 1 Notes 2024-11-21 6.2 Medium
Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission.
CVE-2022-36830 1 Samsung 2 Charm, Charm Firmware 2024-11-21 6.2 Medium
PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent.
CVE-2022-36829 1 Samsung 2 Charm, Charm Firmware 2024-11-21 6.2 Medium
PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent.
CVE-2022-36622 1 Samsung 1 Mtower 2024-11-21 7.5 High
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1.
CVE-2022-36621 1 Samsung 1 Mtower 2024-11-21 7.5 High
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject.
CVE-2022-35858 1 Samsung 1 Mtower 2024-11-21 7.8 High
The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.
CVE-2022-33734 1 Samsung 1 Charm 2024-11-21 6.2 Medium
Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.
CVE-2022-33733 1 Samsung 1 Charm 2024-11-21 6.2 Medium
Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.