Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-09 | CVE-2022-36859 | Cross-site Scripting vulnerability in Samsung Smarttagplugin 1.2.156 Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices. | 4.8 |
| 2022-09-09 | CVE-2022-36867 | Unspecified vulnerability in Samsung Editor Lite Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information. | 5.5 |
| 2022-09-09 | CVE-2022-36869 | Unspecified vulnerability in Samsung Contacts Provider Improper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the file without permission. | 6.1 |
| 2022-09-09 | CVE-2022-36870 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36871 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36872 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36875 | Unspecified vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission. | 5.5 |
| 2022-08-05 | CVE-2022-33734 | Unspecified vulnerability in Samsung Charm Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | 5.5 |
| 2022-08-05 | CVE-2022-36829 | Unspecified vulnerability in Samsung Charm Firmware PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | 5.5 |
| 2022-08-05 | CVE-2022-36830 | Unspecified vulnerability in Samsung Charm Firmware PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | 5.5 |