Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-07 | CVE-2022-39877 | Unspecified vulnerability in Samsung Group Sharing 10.8.03.2 Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device. | 5.3 |
| 2022-10-07 | CVE-2022-39878 | Unspecified vulnerability in Samsung Checkout 5.0.53.1 Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast. | 5.5 |
| 2022-09-09 | CVE-2022-36851 | Unspecified vulnerability in Samsung Pass 3.0.02.4/3.7.07.5 Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device. low complexity samsung | 4.6 |
| 2022-09-09 | CVE-2022-36859 | Cross-site Scripting vulnerability in Samsung Smarttagplugin 1.2.156 Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices. | 4.8 |
| 2022-09-09 | CVE-2022-36867 | Unspecified vulnerability in Samsung Editor Lite Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information. | 5.5 |
| 2022-09-09 | CVE-2022-36869 | Unspecified vulnerability in Samsung Contacts Provider Improper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the file without permission. | 6.1 |
| 2022-09-09 | CVE-2022-36870 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36871 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36872 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
| 2022-09-09 | CVE-2022-36873 | Unspecified vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device. low complexity samsung | 6.5 |