Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-36839 | SQL Injection vulnerability in Samsung Checkout SQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows attackers to access IAP information. | 5.5 |
| 2022-07-12 | CVE-2022-33707 | Use of Insufficiently Random Values vulnerability in Samsung Find MY Mobile Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device. | 5.3 |
| 2022-07-12 | CVE-2022-33711 | Improper Validation of Integrity Check Value vulnerability in Samsung Android USB Driver Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mobile Phones prior to version 1.7.56.0 allows local attackers to delete arbitrary directory using directory junction. | 5.5 |
| 2022-07-12 | CVE-2022-33712 | Open Redirect vulnerability in Samsung Camera Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. | 5.3 |
| 2022-06-07 | CVE-2022-30730 | Unspecified vulnerability in Samsung Pass Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication. low complexity samsung | 4.6 |
| 2022-06-07 | CVE-2022-30731 | Unspecified vulnerability in Samsung MY Files Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers to access arbitrary private files in My Files application. | 5.5 |
| 2022-06-07 | CVE-2022-30733 | Information Exposure Through Log Files vulnerability in Samsung Account Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission. | 5.3 |
| 2022-06-07 | CVE-2022-30734 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Account Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission. | 5.3 |
| 2022-06-07 | CVE-2022-30736 | Improper Privilege Management vulnerability in Samsung Account Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery without permission. | 5.3 |
| 2022-06-07 | CVE-2022-30737 | Unspecified vulnerability in Samsung Account Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID. | 5.3 |