Vulnerabilities > Samsung > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-07 | CVE-2022-39866 | Unspecified vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25 Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | 7.5 |
| 2022-10-07 | CVE-2022-39867 | Unspecified vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25 Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via SHOW_PERSISTENT_BANNER broadcast. | 7.5 |
| 2022-10-07 | CVE-2022-39868 | Unspecified vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25 Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast. | 7.5 |
| 2022-10-07 | CVE-2022-39869 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25 Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast. | 7.5 |
| 2022-10-07 | CVE-2022-39870 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25 Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast. | 7.5 |
| 2022-10-07 | CVE-2022-39871 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12/1.7.85.25 Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts. | 7.5 |
| 2022-09-29 | CVE-2022-40278 | Use After Free vulnerability in Samsung Tizenrt An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). | 7.5 |
| 2022-09-29 | CVE-2022-40279 | Unchecked Return Value vulnerability in Samsung Tizenrt An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). | 7.5 |
| 2022-09-16 | CVE-2022-40757 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen. | 7.5 |
| 2022-09-16 | CVE-2022-40758 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen. | 7.5 |