Filtered by vendor Samsung
Subscribe
Total
1008 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25470 | 2 Google, Samsung | 2 Android, Exynos | 2022-08-01 | 3.6 LOW | 7.9 HIGH |
| An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE. | |||||
| CVE-2021-25476 | 2 Google, Samsung | 2 Android, Exynos | 2022-08-01 | 2.1 LOW | 4.4 MEDIUM |
| An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE. | |||||
| CVE-2021-25400 | 1 Samsung | 1 Internet | 2022-07-30 | 4.6 MEDIUM | 7.8 HIGH |
| Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action. | |||||
| CVE-2021-25401 | 1 Samsung | 1 Health | 2022-07-30 | 4.6 MEDIUM | 7.8 HIGH |
| Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action. | |||||
| CVE-2021-25403 | 2 Google, Samsung | 2 Android, Account | 2022-07-30 | 2.1 LOW | 3.3 LOW |
| Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component. | |||||
| CVE-2021-25411 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2022-07-30 | 2.1 LOW | 4.4 MEDIUM |
| Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory. | |||||
| CVE-2021-25440 | 1 Samsung | 1 Factorycamerafb | 2022-07-30 | 4.6 MEDIUM | 7.8 HIGH |
| Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege. | |||||
| CVE-2021-25439 | 2 Google, Samsung | 2 Android, Members | 2022-07-25 | 2.1 LOW | 3.3 LOW |
| Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview. | |||||
| CVE-2021-25438 | 2 Google, Samsung | 2 Android, Members | 2022-07-25 | 4.6 MEDIUM | 7.8 HIGH |
| Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview. | |||||
| CVE-2021-25507 | 1 Samsung | 1 Samsung Flow | 2022-07-25 | 2.7 LOW | 5.7 MEDIUM |
| Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization. | |||||
| CVE-2022-33712 | 2 Google, Samsung | 2 Android, Camera | 2022-07-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. | |||||
| CVE-2022-33711 | 1 Samsung | 1 Android Usb Driver | 2022-07-19 | 2.1 LOW | 5.5 MEDIUM |
| Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction. | |||||
| CVE-2022-33713 | 1 Samsung | 1 Cloud | 2022-07-19 | 5.0 MEDIUM | 7.5 HIGH |
| Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information. | |||||
| CVE-2022-33691 | 2 Google, Samsung | 2 Android, Exynos 9820 | 2022-07-16 | 1.9 LOW | 4.7 MEDIUM |
| A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. | |||||
| CVE-2022-33707 | 1 Samsung | 1 Find My Mobile | 2022-07-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device. | |||||
| CVE-2022-33708 | 1 Samsung | 1 Galaxy Store | 2022-07-16 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | |||||
| CVE-2022-33709 | 1 Samsung | 1 Galaxy Store | 2022-07-16 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | |||||
| CVE-2022-33710 | 1 Samsung | 1 Galaxy Store | 2022-07-16 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | |||||
| CVE-2021-25431 | 2 Google, Samsung | 2 Android, Cameralyzer | 2022-07-14 | 2.1 LOW | 5.5 MEDIUM |
| Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows untrusted applications to access some functions of Cameralyzer. | |||||
| CVE-2021-25374 | 2 Google, Samsung | 2 Android, Members | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. | |||||