Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-09 | CVE-2022-39845 | Improper Validation of Integrity Check Value vulnerability in Samsung Kies Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction. | 7.1 |
| 2022-09-09 | CVE-2022-39846 | Uncontrolled Search Path Element vulnerability in Samsung Smart Switch PC 4.2.220224/4.3.22083 DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code. | 7.8 |
| 2022-09-08 | CVE-2022-40280 | Missing Release of Resource after Effective Lifetime vulnerability in Samsung Tizenrt An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). | 7.5 |
| 2022-09-08 | CVE-2022-40281 | Memory Leak vulnerability in Samsung Tizenrt An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). | 7.5 |
| 2022-09-05 | CVE-2022-39828 | Unspecified vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service. | 7.5 |
| 2022-09-05 | CVE-2022-39829 | NULL Pointer Dereference vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new. | 7.5 |
| 2022-09-05 | CVE-2022-39830 | Unspecified vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service. | 7.5 |
| 2022-09-01 | CVE-2022-36621 | NULL Pointer Dereference vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject. | 7.5 |
| 2022-09-01 | CVE-2022-36622 | NULL Pointer Dereference vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1. | 7.5 |
| 2022-08-11 | CVE-2022-38155 | Allocation of Resources Without Limits or Throttling vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash. | 7.5 |