Vulnerabilities > Samsung > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-09 | CVE-2023-21443 | Inadequate Encryption Strength vulnerability in Samsung Flow Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows adjacent attackers to decrypt encrypted messages or inject commands. | 8.8 |
| 2023-02-09 | CVE-2023-21444 | Inadequate Encryption Strength vulnerability in Samsung Flow Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers to decrypt encrypted messages or inject commands. | 8.8 |
| 2023-02-09 | CVE-2023-21445 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Android 11.0/12.0 Improper access control vulnerability in MyFiles prior to versions 12.2.09 in Android R(11), 13.1.03.501 in Android S(12) and 14.1.00.422 in Android T(13) allows local attacker to write file with MyFiles privilege via implicit intent. | 7.8 |
| 2023-02-09 | CVE-2023-21451 | Out-of-bounds Write vulnerability in Samsung Android 12.0 A Stack-based overflow vulnerability in IpcRxEmbmsSessionList in SECRIL prior to Android S(12) allows attacker to cause memory corruptions. | 7.8 |
| 2022-12-08 | CVE-2022-39902 | Unspecified vulnerability in Samsung Exynos Firmware Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call. | 7.5 |
| 2022-11-09 | CVE-2022-39890 | Unspecified vulnerability in Samsung Billing Improper Authorization in Samsung Billing prior to version 5.0.56.0 allows attacker to get sensitive information. | 7.5 |
| 2022-11-09 | CVE-2022-39891 | Out-of-bounds Write vulnerability in Samsung Editor Lite 4.0.40.14 Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3 allows attacker to get information. | 7.5 |
| 2022-10-07 | CVE-2022-39858 | Path Traversal vulnerability in Samsung Factorycamera 2.1.96 Path traversal vulnerability in AtBroadcastReceiver in FactoryCamera prior to version 3.5.51 allows attackers to write arbitrary file as FactoryCamera privilege. | 7.8 |
| 2022-10-07 | CVE-2022-39864 | Unspecified vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12 Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent. | 7.5 |
| 2022-10-07 | CVE-2022-39865 | Unspecified vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25 Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | 7.5 |