Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-22 | CVE-2020-22181 | Cross-site Scripting vulnerability in Samsung Sww-3400Rw Firmware A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi | 6.1 |
| 2023-08-14 | CVE-2023-40291 | Unspecified vulnerability in Samsung Harman Infotainment 20190525031613 Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name. low complexity samsung | 6.8 |
| 2023-08-14 | CVE-2023-40292 | Unspecified vulnerability in Samsung Harman Infotainment 20190525031613 Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets. low complexity samsung | 4.3 |
| 2023-08-14 | CVE-2023-40293 | Command Injection vulnerability in Samsung Harman Infotainment 20190525031613 Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object. | 6.8 |
| 2023-08-10 | CVE-2023-30654 | Unspecified vulnerability in Samsung Android 11.0/12.0 Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location. | 5.5 |
| 2023-08-10 | CVE-2023-30698 | Unspecified vulnerability in Samsung Android 13.0 Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege. | 5.5 |
| 2023-08-10 | CVE-2023-30701 | Unspecified vulnerability in Samsung Android 11.0/12.0 PendingIntent hijacking in WifiGeofenceManager prior to SMR Aug-2023 Release 1 allows local attacker to arbitrary file access. | 5.5 |
| 2023-08-10 | CVE-2023-30703 | Unspecified vulnerability in Samsung Members Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information. | 4.3 |
| 2023-08-10 | CVE-2023-30704 | Unspecified vulnerability in Samsung Internet Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication. low complexity samsung | 4.6 |
| 2023-08-10 | CVE-2023-30705 | Incorrect Authorization vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission. | 5.5 |