Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-09 | CVE-2022-36870 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36871 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36872 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36873 | Unspecified vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device. low complexity samsung | 6.5 |
| 2022-09-09 | CVE-2022-36874 | Improper Handling of Exceptional Conditions vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number. | 6.2 |
| 2022-09-09 | CVE-2022-36875 | Unspecified vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission. | 5.5 |
| 2022-09-09 | CVE-2022-36876 | Unspecified vulnerability in Samsung Pass 3.0.02.4/3.7.07.5/4.0.03.1 Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication. low complexity samsung | 2.4 |
| 2022-09-09 | CVE-2022-36877 | Information Exposure Through Log Files vulnerability in Samsung Members Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log. | 3.3 |
| 2022-09-09 | CVE-2022-36878 | Information Exposure vulnerability in Samsung Find MY Mobile Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local attacker to access IMEI via log. | 3.3 |
| 2022-09-09 | CVE-2022-39844 | Improper Validation of Integrity Check Value vulnerability in Samsung Smart Switch PC 4.2.220224 Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.22083 allows local attackers to delete arbitrary directory using directory junction. | 7.1 |