Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-06 | CVE-2023-30725 | Improper Authentication vulnerability in Samsung Gallery Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider. | 5.5 |
| 2023-09-06 | CVE-2023-30726 | Unspecified vulnerability in Samsung Gamelauncher PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data. | 5.5 |
| 2023-09-06 | CVE-2023-30728 | Unspecified vulnerability in Samsung Packageinstallerchn Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local attacker to access arbitrary file. | 5.5 |
| 2023-09-06 | CVE-2023-30730 | Unspecified vulnerability in Samsung Camera Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file. | 5.5 |
| 2023-08-22 | CVE-2020-22181 | Cross-site Scripting vulnerability in Samsung Sww-3400Rw Firmware A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi | 6.1 |
| 2023-08-14 | CVE-2023-40291 | Unspecified vulnerability in Samsung Harman Infotainment 20190525031613 Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name. low complexity samsung | 6.8 |
| 2023-08-14 | CVE-2023-40292 | Unspecified vulnerability in Samsung Harman Infotainment 20190525031613 Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets. low complexity samsung | 4.3 |
| 2023-08-14 | CVE-2023-40293 | Command Injection vulnerability in Samsung Harman Infotainment 20190525031613 Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object. | 6.8 |
| 2023-08-10 | CVE-2023-30654 | Unspecified vulnerability in Samsung Android 11.0/12.0 Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location. | 5.5 |
| 2023-08-10 | CVE-2023-30698 | Unspecified vulnerability in Samsung Android 13.0 Improper access control vulnerability in TelephonyUI prior to SMR Aug-2023 Release 1 allows local attacker to connect BLE without privilege. | 5.5 |