Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-07 | CVE-2022-39876 | Information Exposure Through Log Files vulnerability in Samsung Reminder Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI. | 3.3 |
| 2022-10-07 | CVE-2022-39877 | Unspecified vulnerability in Samsung Group Sharing 10.8.03.2 Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device. | 5.3 |
| 2022-10-07 | CVE-2022-39878 | Unspecified vulnerability in Samsung Checkout 5.0.53.1 Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast. | 5.5 |
| 2022-09-29 | CVE-2022-40278 | Use After Free vulnerability in Samsung Tizenrt An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). | 7.5 |
| 2022-09-29 | CVE-2022-40279 | Unchecked Return Value vulnerability in Samsung Tizenrt An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). | 7.5 |
| 2022-09-16 | CVE-2022-40761 | Improper Validation of Specified Quantity in Input vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc. | 7.5 |
| 2022-09-09 | CVE-2022-36857 | Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data. | 2.4 |
| 2022-09-09 | CVE-2022-36859 | Cross-site Scripting vulnerability in Samsung Smarttagplugin 1.2.156 Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices. | 4.8 |
| 2022-09-09 | CVE-2022-36867 | Unspecified vulnerability in Samsung Editor Lite Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information. | 5.5 |
| 2022-09-09 | CVE-2022-36869 | Unspecified vulnerability in Samsung Contacts Provider Improper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the file without permission. | 6.1 |