Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-01 | CVE-2022-36622 | NULL Pointer Dereference vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1. | 7.5 |
| 2022-08-11 | CVE-2022-38155 | Allocation of Resources Without Limits or Throttling vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash. | 7.5 |
| 2022-08-05 | CVE-2022-33733 | Unspecified vulnerability in Samsung Charm Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | 3.3 |
| 2022-08-05 | CVE-2022-33734 | Unspecified vulnerability in Samsung Charm Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | 5.5 |
| 2022-08-05 | CVE-2022-36829 | Unspecified vulnerability in Samsung Charm Firmware PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | 5.5 |
| 2022-08-05 | CVE-2022-36830 | Unspecified vulnerability in Samsung Charm Firmware PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | 5.5 |
| 2022-08-05 | CVE-2022-36831 | Path Traversal vulnerability in Samsung Notes Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission. | 5.5 |
| 2022-08-05 | CVE-2022-36832 | Unspecified vulnerability in Samsung Cameralyzer 3.2.0/3.3.0/3.4.0 Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege. | 3.3 |
| 2022-08-05 | CVE-2022-36833 | Improper Privilege Management vulnerability in Samsung Gameoptimizingservice Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name. | 7.8 |
| 2022-08-05 | CVE-2022-36834 | Information Exposure vulnerability in Samsung Game Launcher Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction. | 5.0 |