Vulnerabilities > Samsung > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-07 CVE-2022-39865 Unspecified vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25
Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
network
low complexity
samsung
7.5
2022-10-07 CVE-2022-39866 Unspecified vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25
Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
network
low complexity
samsung
7.5
2022-10-07 CVE-2022-39867 Unspecified vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.
network
low complexity
samsung
7.5
2022-10-07 CVE-2022-39868 Unspecified vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25
Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast.
network
low complexity
samsung
7.5
2022-10-07 CVE-2022-39869 Exposure of Resource to Wrong Sphere vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast.
network
low complexity
samsung CWE-668
7.5
2022-10-07 CVE-2022-39870 Exposure of Resource to Wrong Sphere vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.
network
low complexity
samsung CWE-668
7.5
2022-10-07 CVE-2022-39871 Exposure of Resource to Wrong Sphere vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25
Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts.
network
low complexity
samsung CWE-668
7.5
2022-09-29 CVE-2022-40278 Use After Free vulnerability in Samsung Tizenrt
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE).
network
low complexity
samsung CWE-416
7.5
2022-09-29 CVE-2022-40279 Unchecked Return Value vulnerability in Samsung Tizenrt
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE).
network
low complexity
samsung CWE-252
7.5
2022-09-16 CVE-2022-40757 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen.
network
low complexity
samsung CWE-119
7.5