Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2022-24924 | Unspecified vulnerability in Samsung Livewallpaperservice An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a proper permission. | 5.3 |
| 2022-02-11 | CVE-2022-24926 | Cross-site Scripting vulnerability in Samsung Smarttagplugin Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices. | 5.4 |
| 2022-02-11 | CVE-2022-24927 | Improper Privilege Management vulnerability in Samsung Video Player Improper privilege management vulnerability in Samsung Video Player prior to version 7.3.15.30 allows attackers to execute video files without permission. | 9.8 |
| 2022-01-14 | CVE-2022-22290 | Improper Handling of Exceptional Conditions vulnerability in Samsung Internet Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page. | 6.5 |
| 2022-01-10 | CVE-2022-22283 | Insufficient Session Expiration vulnerability in Samsung Health 6.16/6.17/6.19.1.0001 Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App. | 3.3 |
| 2022-01-10 | CVE-2022-22284 | Improper Authentication vulnerability in Samsung Internet Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication | 5.5 |
| 2022-01-10 | CVE-2022-22285 | Code Injection vulnerability in Samsung Reminder 11.6.08.6000/12.2.05.6000/12.3.01.3000 A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifying the intent. | 7.1 |
| 2022-01-10 | CVE-2022-22286 | Code Injection vulnerability in Samsung Bixby Routines A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent. | 7.1 |
| 2022-01-10 | CVE-2022-22287 | Information Exposure vulnerability in Samsung Email Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox. | 4.6 |
| 2022-01-10 | CVE-2022-22288 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist. | 7.5 |