Vulnerabilities > Samsung

DATE CVE VULNERABILITY TITLE RISK
2022-07-12 CVE-2022-33705 Incorrect Authorization vulnerability in Samsung Calendar
Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission.
local
low complexity
samsung CWE-863
2.1
2022-07-12 CVE-2022-33706 Unspecified vulnerability in Samsung Gallery
Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture.
local
low complexity
samsung
2.1
2022-07-12 CVE-2022-33707 Use of Insufficiently Random Values vulnerability in Samsung Find MY Mobile
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device.
network
low complexity
samsung CWE-330
5.0
2022-07-12 CVE-2022-33708 Improper Privilege Management vulnerability in Samsung Galaxy Store 4.5.32.4
Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
local
low complexity
samsung CWE-269
7.2
2022-07-12 CVE-2022-33709 Improper Privilege Management vulnerability in Samsung Galaxy Store 4.5.32.4
Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
local
low complexity
samsung CWE-269
7.2
2022-07-12 CVE-2022-33710 Improper Privilege Management vulnerability in Samsung Galaxy Store 4.5.32.4
Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
local
low complexity
samsung CWE-269
7.2
2022-07-12 CVE-2022-33711 Improper Validation of Integrity Check Value vulnerability in Samsung Android USB Driver
Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction.
local
low complexity
samsung CWE-354
2.1
2022-07-12 CVE-2022-33712 Open Redirect vulnerability in Samsung Camera 10.5.03.77/11.1.02.16/9.0.6.68
Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information.
network
low complexity
samsung CWE-601
5.0
2022-07-12 CVE-2022-33713 Unspecified vulnerability in Samsung Cloud 4.7.0.3/5.1.0.8
Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information.
network
low complexity
samsung
5.0
2022-06-07 CVE-2022-30730 Incorrect Authorization vulnerability in Samsung Pass
Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication.
local
low complexity
samsung CWE-863
2.1