Filtered by vendor Samsung Subscriptions
Filtered by product Smartthings Subscriptions
Total 17 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-34596 1 Samsung 1 Smartthings 2024-11-21 5.9 Medium
Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner.
CVE-2022-39871 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts.
CVE-2022-39870 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.
CVE-2022-39869 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast.
CVE-2022-39868 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVE-2022-39867 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.
CVE-2022-39866 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVE-2022-39865 1 Samsung 1 Smartthings 2024-11-21 4 Medium
Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
CVE-2022-39864 1 Samsung 1 Smartthings 2024-11-21 3.3 Low
Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.
CVE-2022-30749 1 Samsung 1 Smartthings 2024-11-21 3.3 Low
Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity.
CVE-2022-30747 1 Samsung 1 Smartthings 2024-11-21 5.5 Medium
PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent.
CVE-2022-30746 1 Samsung 1 Smartthings 2024-11-21 7.5 High
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.
CVE-2021-25508 1 Samsung 1 Smartthings 2024-11-21 5.3 Medium
Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.
CVE-2021-25447 1 Samsung 2 Smartthings, Smartthings Firmware 2024-11-21 5.3 Medium
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.
CVE-2021-25446 1 Samsung 2 Smartthings, Smartthings Firmware 2024-11-21 5.3 Medium
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview.
CVE-2021-25404 1 Samsung 2 Smartthings, Smartthings Firmware 2024-11-21 3.3 Low
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.
CVE-2021-25378 1 Samsung 1 Smartthings 2024-11-21 4.3 Medium
Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service.