Filtered by vendor Samsung
Subscriptions
Total
1083 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-36621 | 1 Samsung | 1 Mtower | 2024-08-03 | 7.5 High |
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject. | ||||
CVE-2022-36622 | 1 Samsung | 1 Mtower | 2024-08-03 | 7.5 High |
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1. | ||||
CVE-2022-35858 | 1 Samsung | 1 Mtower | 2024-08-03 | 7.8 High |
The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount. | ||||
CVE-2022-33734 | 1 Samsung | 1 Charm | 2024-08-03 | 6.2 Medium |
Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | ||||
CVE-2022-33710 | 1 Samsung | 1 Galaxy Store | 2024-08-03 | 7.8 High |
Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | ||||
CVE-2022-33706 | 1 Samsung | 1 Samsung Gallery | 2024-08-03 | 2.4 Low |
Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture. | ||||
CVE-2022-33733 | 1 Samsung | 1 Charm | 2024-08-03 | 6.2 Medium |
Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | ||||
CVE-2022-33711 | 1 Samsung | 1 Android Usb Driver | 2024-08-03 | 5.5 Medium |
Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction. | ||||
CVE-2022-33708 | 1 Samsung | 1 Galaxy Store | 2024-08-03 | 7.8 High |
Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | ||||
CVE-2022-33713 | 1 Samsung | 1 Cloud | 2024-08-03 | 7.5 High |
Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information. | ||||
CVE-2022-33691 | 2 Google, Samsung | 2 Android, Exynos 9820 | 2024-08-03 | 6.2 Medium |
A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. | ||||
CVE-2022-33707 | 1 Samsung | 1 Find My Mobile | 2024-08-03 | 5.3 Medium |
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device. | ||||
CVE-2022-33712 | 2 Google, Samsung | 2 Android, Camera | 2024-08-03 | 5.3 Medium |
Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. | ||||
CVE-2022-33709 | 1 Samsung | 1 Galaxy Store | 2024-08-03 | 7.8 High |
Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | ||||
CVE-2022-33705 | 1 Samsung | 1 Calendar | 2024-08-03 | 3.3 Low |
Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission. | ||||
CVE-2022-30740 | 1 Samsung | 1 Internet | 2024-08-03 | 4.1 Medium |
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers. | ||||
CVE-2022-30737 | 1 Samsung | 1 Account | 2024-08-03 | 4 Medium |
Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID. | ||||
CVE-2022-30749 | 1 Samsung | 1 Smartthings | 2024-08-03 | 3.3 Low |
Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity. | ||||
CVE-2022-30730 | 1 Samsung | 1 Samsung Pass | 2024-08-03 | 4.6 Medium |
Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication. | ||||
CVE-2022-30748 | 1 Samsung | 1 Members | 2024-08-03 | 4 Medium |
Unprotected dynamic receiver in Samsung Members prior to version 4.2.005 allows attacker to launch arbitrary activity. |