Filtered by vendor Samsung
Subscribe
Total
1008 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33733 | 1 Samsung | 1 Charm | 2023-07-21 | N/A | 3.3 LOW |
| Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | |||||
| CVE-2022-33706 | 1 Samsung | 1 Samsung Gallery | 2023-07-21 | 2.1 LOW | 2.4 LOW |
| Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture. | |||||
| CVE-2022-33705 | 1 Samsung | 1 Calendar | 2023-07-21 | 2.1 LOW | 3.3 LOW |
| Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission. | |||||
| CVE-2022-39878 | 1 Samsung | 1 Checkout | 2023-07-14 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast. | |||||
| CVE-2022-39873 | 1 Samsung | 1 Internet | 2023-07-14 | N/A | 4.6 MEDIUM |
| Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication. | |||||
| CVE-2022-39892 | 1 Samsung | 1 Pass | 2023-07-14 | N/A | 9.8 CRITICAL |
| Improper access control in Samsung Pass prior to version 4.0.05.1 allows attackers to unauthenticated access via keep open feature. | |||||
| CVE-2022-23432 | 2 Google, Samsung | 2 Android, Exynos | 2023-07-11 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-25828 | 1 Samsung | 1 Watch Active Plugin | 2023-07-10 | 2.1 LOW | 3.3 LOW |
| Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
| CVE-2022-25827 | 1 Samsung | 1 Galaxy Watch Plugin | 2023-07-10 | 2.1 LOW | 3.3 LOW |
| Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
| CVE-2022-25826 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2023-07-10 | 2.1 LOW | 3.3 LOW |
| Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
| CVE-2022-25823 | 1 Samsung | 1 Galaxy Watch Plugin | 2023-07-10 | 2.1 LOW | 3.3 LOW |
| Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log. | |||||
| CVE-2022-25830 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2023-07-10 | 2.1 LOW | 3.3 LOW |
| Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
| CVE-2022-25829 | 1 Samsung | 1 Watch Active2 Plugin | 2023-07-10 | 2.1 LOW | 3.3 LOW |
| Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
| CVE-2023-21512 | 1 Samsung | 1 Android | 2023-07-07 | N/A | 3.3 LOW |
| Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission. | |||||
| CVE-2023-21517 | 1 Samsung | 1 Exynos | 2023-07-07 | N/A | 9.8 CRITICAL |
| Heap out-of-bound write vulnerability in Exynos baseband prior to SMR Jun-2023 Release 1 allows remote attacker to execute arbitrary code. | |||||
| CVE-2023-21513 | 1 Samsung | 1 Android | 2023-07-06 | N/A | 6.8 MEDIUM |
| Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition. | |||||
| CVE-2023-21518 | 1 Samsung | 1 Searchwidget | 2023-07-06 | N/A | 7.8 HIGH |
| Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity. | |||||
| CVE-2021-25354 | 1 Samsung | 1 Internet | 2023-06-30 | 6.8 MEDIUM | 5.3 MEDIUM |
| Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink. | |||||
| CVE-2022-30746 | 1 Samsung | 1 Smartthings | 2023-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API. | |||||
| CVE-2022-30730 | 1 Samsung | 1 Samsung Pass | 2023-06-28 | 2.1 LOW | 4.6 MEDIUM |
| Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication. | |||||