Filtered by vendor Samsung
Subscriptions
Total
1083 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-23996 | 1 Samsung | 1 Wear Os | 2024-08-03 | 4 Medium |
Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to enable bedtime mode without a proper permission. | ||||
CVE-2022-23433 | 2 Google, Samsung | 2 Android, Reminder | 2024-08-03 | 4.3 Medium |
Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely. | ||||
CVE-2022-23432 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 6.4 Medium |
An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | ||||
CVE-2022-23434 | 2 Google, Samsung | 2 Android, Bixby | 2024-08-03 | 4.4 Medium |
A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent. | ||||
CVE-2022-23431 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 6.4 Medium |
An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | ||||
CVE-2022-23425 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 8.6 High |
Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | ||||
CVE-2022-23428 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 8.4 High |
An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | ||||
CVE-2022-22285 | 2 Google, Samsung | 2 Android, Reminder | 2024-08-03 | 4.4 Medium |
A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifying the intent. | ||||
CVE-2022-22284 | 1 Samsung | 1 Internet | 2024-08-03 | 5.7 Medium |
Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication | ||||
CVE-2022-22288 | 1 Samsung | 1 Galaxy Store | 2024-08-03 | 7.5 High |
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist. | ||||
CVE-2022-22289 | 1 Samsung | 1 S Assistant | 2024-08-03 | 5.3 Medium |
Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information. | ||||
CVE-2022-22287 | 1 Samsung | 1 Samsung Email | 2024-08-03 | 3.9 Low |
Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox. | ||||
CVE-2022-22286 | 2 Google, Samsung | 2 Android, Bixby Routines | 2024-08-03 | 4.4 Medium |
A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent. | ||||
CVE-2022-22283 | 1 Samsung | 1 Health | 2024-08-03 | 2.8 Low |
Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App. | ||||
CVE-2022-22265 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 5 Medium |
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution. | ||||
CVE-2022-22290 | 1 Samsung | 1 Internet | 2024-08-03 | 6.5 Medium |
Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page. | ||||
CVE-2022-4894 | 2 Hp, Samsung | 2046 1vr14a, 1vr14a Firmware, 209u7a and 2043 more | 2024-08-03 | 7.3 High |
Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. | ||||
CVE-2022-1230 | 1 Samsung | 2 Galaxy S21, Galaxy S21 Firmware | 2024-08-02 | 3.9 Low |
This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of redirections. An attacker can force a redirection to a site that serves malicious content. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the current user. Was ZDI-CAN-15918. | ||||
CVE-2023-50803 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-08-02 | 3.7 Low |
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service. | ||||
CVE-2023-50804 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more | 2024-08-02 | 3.7 Low |
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check format types specified by the NAS (Non-Access-Stratum) module. This can lead to bypass of authentication. |