Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (1383 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-39869 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast.
CVE-2022-39868 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVE-2022-39867 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.
CVE-2022-39866 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVE-2022-39865 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVE-2022-39864 1 Samsung 1 Smartthings 2024-11-21 3.3 Low
Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.
CVE-2022-39863 1 Samsung 1 Account 2024-11-21 3.6 Low
Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission.
CVE-2022-39862 2 Google, Samsung 2 Android, Dynamic Lockscreen 2024-11-21 5.3 Medium
Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api.
CVE-2022-39861 1 Samsung 1 Factorycamera 2024-11-21 5.9 Medium
Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege.
CVE-2022-39860 1 Samsung 1 Quick Share 2024-11-21 4.4 Medium
Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast.
CVE-2022-39859 1 Samsung 1 Uphelper Library 2024-11-21 4 Medium
Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12 allows attackers to access sensitive information via implicit intent.
CVE-2022-39858 1 Samsung 1 Factorycamera 2024-11-21 7.3 High
Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege.
CVE-2022-39857 1 Samsung 1 Factorycamerafb 2024-11-21 7.3 High
Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51 allows attackers to access broadcasting Intent as system uid privilege.
CVE-2022-39854 2 Google, Samsung 2 Android, Exynos 2024-11-21 6.4 Medium
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory.
CVE-2022-39846 1 Samsung 1 Smart Switch Pc 2024-11-21 6.2 Medium
DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code.
CVE-2022-39845 1 Samsung 1 Kies 2024-11-21 5.5 Medium
Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction.
CVE-2022-39844 1 Samsung 1 Smart Switch Pc 2024-11-21 5.5 Medium
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.22083 allows local attackers to delete arbitrary directory using directory junction.
CVE-2022-39830 1 Samsung 1 Mtower 2024-11-21 7.5 High
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service.
CVE-2022-39829 1 Samsung 1 Mtower 2024-11-21 7.5 High
There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new.
CVE-2022-39828 1 Samsung 1 Mtower 2024-11-21 7.5 High
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service.