Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-09 | CVE-2022-36867 | Unspecified vulnerability in Samsung Editor Lite Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information. | 5.5 |
| 2022-09-09 | CVE-2022-36869 | Unspecified vulnerability in Samsung Contacts Provider Improper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the file without permission. | 6.1 |
| 2022-09-09 | CVE-2022-36870 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36871 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36872 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36873 | Unspecified vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device. low complexity samsung | 6.5 |
| 2022-09-09 | CVE-2022-36874 | Improper Handling of Exceptional Conditions vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number. | 6.2 |
| 2022-09-09 | CVE-2022-36875 | Unspecified vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission. | 5.5 |
| 2022-09-09 | CVE-2022-36876 | Unspecified vulnerability in Samsung Pass 3.0.02.4/3.7.07.5/4.0.03.1 Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication. low complexity samsung | 2.4 |
| 2022-09-09 | CVE-2022-36877 | Information Exposure Through Log Files vulnerability in Samsung Members Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log. | 3.3 |