Filtered by vendor Samsung
Subscribe
Total
1291 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36832 | 1 Samsung | 1 Cameralyzer | 2024-11-21 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege. | |||||
| CVE-2022-36831 | 1 Samsung | 1 Notes | 2024-11-21 | N/A | 6.2 MEDIUM |
| Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission. | |||||
| CVE-2022-36830 | 1 Samsung | 2 Charm, Charm Firmware | 2024-11-21 | N/A | 6.2 MEDIUM |
| PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | |||||
| CVE-2022-36829 | 1 Samsung | 2 Charm, Charm Firmware | 2024-11-21 | N/A | 6.2 MEDIUM |
| PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | |||||
| CVE-2022-36622 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1. | |||||
| CVE-2022-36621 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject. | |||||
| CVE-2022-35858 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.8 HIGH |
| The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount. | |||||
| CVE-2022-33734 | 1 Samsung | 1 Charm | 2024-11-21 | N/A | 6.2 MEDIUM |
| Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | |||||
| CVE-2022-33733 | 1 Samsung | 1 Charm | 2024-11-21 | N/A | 6.2 MEDIUM |
| Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | |||||
| CVE-2022-33713 | 1 Samsung | 1 Cloud | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information. | |||||
| CVE-2022-33712 | 2 Google, Samsung | 2 Android, Camera | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. | |||||
| CVE-2022-33711 | 1 Samsung | 1 Android Usb Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction. | |||||
| CVE-2022-33706 | 1 Samsung | 1 Samsung Gallery | 2024-11-21 | 2.1 LOW | 2.4 LOW |
| Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture. | |||||
| CVE-2022-33705 | 1 Samsung | 1 Calendar | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission. | |||||
| CVE-2022-30749 | 1 Samsung | 1 Smartthings | 2024-11-21 | 4.6 MEDIUM | 3.3 LOW |
| Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity. | |||||
| CVE-2022-30748 | 1 Samsung | 1 Members | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Unprotected dynamic receiver in Samsung Members prior to version 4.2.005 allows attacker to launch arbitrary activity. | |||||
| CVE-2022-30747 | 1 Samsung | 1 Smartthings | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent. | |||||
| CVE-2022-30746 | 1 Samsung | 1 Smartthings | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API. | |||||
| CVE-2022-30745 | 1 Samsung | 1 Quick Share | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Improper access control vulnerability in Quick Share prior to version 13.1.2.4 allows attacker to access internal files in Quick Share. | |||||
| CVE-2022-30744 | 1 Samsung | 1 Kies | 2024-11-21 | 4.4 MEDIUM | 6.2 MEDIUM |
| DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code. | |||||