Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2022-27843 | Uncontrolled Search Path Element vulnerability in Samsung Kies 2.3.2.12074/2.3.2.120741313/2.5.0.120942711 DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code. | 7.8 |
| 2022-04-11 | CVE-2022-28541 | Uncontrolled Search Path Element vulnerability in Samsung Update Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission. | 7.8 |
| 2022-04-11 | CVE-2022-28542 | Incorrect Authorization vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission. | 5.5 |
| 2022-04-11 | CVE-2022-28543 | Path Traversal vulnerability in Samsung Flow 4.8.03.5/4.8.5.0 Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission. | 5.5 |
| 2022-04-11 | CVE-2022-28544 | Path Traversal vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy store. | 5.5 |
| 2022-04-11 | CVE-2022-28775 | Unspecified vulnerability in Samsung Flow 4.8.03.5/4.8.5.0 Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to write the file without Samsung Flow permission. | 3.3 |
| 2022-04-11 | CVE-2022-28776 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4 Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user interactions. | 7.8 |
| 2022-04-11 | CVE-2022-28777 | Unspecified vulnerability in Samsung Members Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALL_PHONE permission. | 3.3 |
| 2022-04-11 | CVE-2022-28778 | Unspecified vulnerability in Samsung Security Supporter Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0 allows attacker to set the arbitrary folder as Secret Folder without Samsung Security Supporter permission | 3.3 |
| 2022-04-11 | CVE-2022-28779 | Uncontrolled Search Path Element vulnerability in Samsung Android USB Driver Windows Installer Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code. | 7.8 |