Vulnerabilities > Samsung
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-10 | CVE-2022-22289 | Improper Authentication vulnerability in Samsung S Assistant Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information. | 5.3 |
| 2022-01-10 | CVE-2020-9061 | Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service via malformed routing messages. | 6.5 |
| 2021-12-20 | CVE-2021-42913 | Insufficiently Protected Credentials vulnerability in Samsung Syncthru web Service The SyncThru Web Service on Samsung SCX-6x55X printers allows an attacker to gain access to a list of SMB users and cleartext passwords by reading the HTML source code. | 7.5 |
| 2021-12-08 | CVE-2021-25520 | Cross-site Scripting vulnerability in Samsung Internet Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet. | 6.1 |
| 2021-12-08 | CVE-2021-25521 | Files or Directories Accessible to External Parties vulnerability in Samsung Internet Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet. | 3.3 |
| 2021-12-08 | CVE-2021-25522 | Insecure Storage of Sensitive Information vulnerability in Samsung Smart Capture Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission. | 3.3 |
| 2021-12-08 | CVE-2021-25523 | Insecure Storage of Sensitive Information vulnerability in Samsung Dialer Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows attacker to get Samsung Account ID. | 3.3 |
| 2021-12-08 | CVE-2021-25524 | Insecure Storage of Sensitive Information vulnerability in Samsung Contacts Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to get Samsung Account ID. | 3.3 |
| 2021-12-08 | CVE-2021-25525 | Improper Check for Unusual or Exceptional Conditions vulnerability in Samsung PAY Improper check or handling of exception conditions vulnerability in Samsung Pay (US only) prior to version 4.0.65 allows attacker to use NFC without user recognition. | 6.5 |
| 2021-12-08 | CVE-2021-25526 | Unspecified vulnerability in Samsung Blockchain Wallet Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows attacker to execute privileged action. | 5.5 |