Vulnerabilities > Samsung > Account
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-07 | CVE-2022-30732 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Account Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult. | 7.5 |
| 2022-06-07 | CVE-2022-30733 | Information Exposure Through Log Files vulnerability in Samsung Account Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission. | 5.3 |
| 2022-06-07 | CVE-2022-30734 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Account Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission. | 5.3 |
| 2022-06-07 | CVE-2022-30735 | Improper Privilege Management vulnerability in Samsung Account Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission. | 7.5 |
| 2022-06-07 | CVE-2022-30736 | Improper Privilege Management vulnerability in Samsung Account Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission. | 5.3 |
| 2022-06-07 | CVE-2022-30737 | Unspecified vulnerability in Samsung Account Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID. | 5.3 |
| 2022-06-07 | CVE-2022-30739 | Improper Privilege Management vulnerability in Samsung Account Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get an user email or phone number with a normal level permission. | 4.3 |
| 2022-06-07 | CVE-2022-30743 | Improper Privilege Management vulnerability in Samsung Account Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission. | 5.3 |
| 2021-06-11 | CVE-2021-25403 | Unspecified vulnerability in Samsung Account 10.7.07/12.2.0.9 Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component. | 3.3 |
| 2021-04-09 | CVE-2021-25381 | Incorrect Default Permissions vulnerability in Samsung Account 10.8.0.4/12.1.1.3 Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | 7.8 |