Filtered by vendor Samsung
Subscribe
Total
951 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25338 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2022-10-25 | 3.6 LOW | 5.2 MEDIUM |
| Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region. | |||||
| CVE-2019-6741 | 1 Samsung | 2 Galaxy S9, Galaxy S9 Firmware | 2022-10-12 | 5.8 MEDIUM | 9.3 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9 prior to January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467). User interaction is required to exploit this vulnerability in that the target must connect to a wireless network. The specific flaw exists within the captive portal. By manipulating HTML, an attacker can force a page redirection. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7476. | |||||
| CVE-2022-39861 | 1 Samsung | 1 Factorycamera | 2022-10-12 | N/A | 3.3 LOW |
| Unprotected Receiver in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to record video without camera privilege. | |||||
| CVE-2022-39863 | 1 Samsung | 1 Account | 2022-10-11 | N/A | 4.7 MEDIUM |
| Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without permission. | |||||
| CVE-2022-39869 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast. | |||||
| CVE-2022-39870 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast. | |||||
| CVE-2022-39871 | 1 Samsung | 1 Smartthings | 2022-10-11 | N/A | 7.5 HIGH |
| Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts. | |||||
| CVE-2022-39876 | 1 Samsung | 1 Reminder | 2022-10-11 | N/A | 3.3 LOW |
| Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI. | |||||
| CVE-2022-39875 | 1 Samsung | 1 Account | 2022-10-11 | N/A | 4.4 MEDIUM |
| Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout. | |||||
| CVE-2022-39874 | 1 Samsung | 1 Account | 2022-10-11 | N/A | 5.5 MEDIUM |
| Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout. | |||||
| CVE-2022-39872 | 1 Samsung | 1 Sharelive | 2022-10-11 | N/A | 3.3 LOW |
| Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device. | |||||
| CVE-2022-39854 | 2 Google, Samsung | 2 Android, Exynos | 2022-10-08 | N/A | 7.8 HIGH |
| Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory. | |||||
| CVE-2022-39859 | 1 Samsung | 1 Uphelper Library | 2022-10-07 | N/A | 3.3 LOW |
| Implicit intent hijacking vulnerability in UPHelper library prior to version 3.0.12 allows attackers to access sensitive information via implicit intent. | |||||
| CVE-2022-39858 | 1 Samsung | 1 Factorycamera | 2022-10-07 | N/A | 7.8 HIGH |
| Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege. | |||||
| CVE-2022-36870 | 1 Samsung | 2 Samsung Pay, Samsung Pay Kr | 2022-10-01 | N/A | 6.5 MEDIUM |
| Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | |||||
| CVE-2022-36867 | 1 Samsung | 1 Editor Lite | 2022-10-01 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information. | |||||
| CVE-2022-36869 | 1 Samsung | 1 Contacts Provider | 2022-10-01 | N/A | 6.1 MEDIUM |
| Improper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the file without permission. | |||||
| CVE-2022-36871 | 1 Samsung | 2 Samsung Pay, Samsung Pay Kr | 2022-10-01 | N/A | 6.5 MEDIUM |
| Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | |||||
| CVE-2022-36872 | 1 Samsung | 2 Samsung Pay, Samsung Pay Kr | 2022-10-01 | N/A | 6.5 MEDIUM |
| Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | |||||
| CVE-2022-40279 | 1 Samsung | 1 Tizenrt | 2022-09-30 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction). | |||||