Vulnerabilities > Samsung > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-09 | CVE-2022-36872 | Unspecified vulnerability in Samsung PAY and Samsung PAY KR Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | 6.5 |
2022-09-09 | CVE-2022-36873 | Unspecified vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device. low complexity samsung | 6.5 |
2022-09-09 | CVE-2022-36874 | Improper Handling of Exceptional Conditions vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number. | 6.2 |
2022-09-09 | CVE-2022-36875 | Unspecified vulnerability in Samsung Galaxy Watch Plugin 2.2.05.21033151/2.2.05.220126741/2.2.05.22012751 Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission. | 5.5 |
2022-08-05 | CVE-2022-33734 | Unspecified vulnerability in Samsung Charm Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | 5.5 |
2022-08-05 | CVE-2022-36829 | Unspecified vulnerability in Samsung Charm Firmware PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | 5.5 |
2022-08-05 | CVE-2022-36830 | Unspecified vulnerability in Samsung Charm Firmware PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | 5.5 |
2022-08-05 | CVE-2022-36831 | Path Traversal vulnerability in Samsung Notes Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission. | 5.5 |
2022-08-05 | CVE-2022-36834 | Information Exposure vulnerability in Samsung Game Launcher Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction. | 5.0 |
2022-08-05 | CVE-2022-36836 | Missing Authorization vulnerability in Samsung Charm Firmware Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows attackers to read connection state without permission. | 5.5 |