Vulnerabilities > Samsung > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2022-33709 | Improper Privilege Management vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | 7.8 |
| 2022-07-12 | CVE-2022-33710 | Improper Privilege Management vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | 7.8 |
| 2022-07-12 | CVE-2022-33713 | Unspecified vulnerability in Samsung Cloud 4.7.0.3/5.1.0.8 Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information. | 7.5 |
| 2022-06-07 | CVE-2022-30732 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Account Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult. | 7.5 |
| 2022-06-07 | CVE-2022-30735 | Improper Privilege Management vulnerability in Samsung Account Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission. | 7.5 |
| 2022-06-07 | CVE-2022-30744 | Uncontrolled Search Path Element vulnerability in Samsung Kies DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code. | 7.8 |
| 2022-06-07 | CVE-2022-30746 | Missing Authorization vulnerability in Samsung Smartthings 1.7.73.22 Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API. | 7.5 |
| 2022-06-07 | CVE-2022-30749 | Improper Authentication vulnerability in Samsung Smartthings 1.7.73.22/1.7.85.12 Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity. | 7.8 |
| 2022-05-03 | CVE-2022-28792 | Uncontrolled Search Path Element vulnerability in Samsung Gear Iconx PC Manager DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows attacker to execute arbitrary code. | 7.8 |
| 2022-04-11 | CVE-2022-27837 | Files or Directories Accessible to External Parties vulnerability in Samsung Accessibility 12.5.3.2 A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege. | 7.8 |