Vulnerabilities > Samsung > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2022-23998 | Incorrect Authorization vulnerability in Samsung Camera Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture in screenlock status. | 5.5 |
| 2022-02-11 | CVE-2022-24002 | Unspecified vulnerability in Samsung Link Sharing Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers to open protected activity via PreconditionActivity. | 5.3 |
| 2022-02-11 | CVE-2022-24003 | Unspecified vulnerability in Samsung Bixby Vision Exposure of Sensitive Information vulnerability in Bixby Vision prior to version 3.7.50.6 allows attackers to access internal data of Bixby Vision via unprotected intent. | 5.3 |
| 2022-02-11 | CVE-2022-24924 | Unspecified vulnerability in Samsung Livewallpaperservice An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a proper permission. | 5.3 |
| 2022-02-11 | CVE-2022-24926 | Cross-site Scripting vulnerability in Samsung Smarttagplugin Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices. | 5.4 |
| 2022-01-14 | CVE-2022-22290 | Improper Handling of Exceptional Conditions vulnerability in Samsung Internet Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page. | 6.5 |
| 2022-01-10 | CVE-2022-22284 | Improper Authentication vulnerability in Samsung Internet Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication | 5.5 |
| 2022-01-10 | CVE-2022-22287 | Information Exposure vulnerability in Samsung Email Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox. | 4.6 |
| 2022-01-10 | CVE-2022-22289 | Improper Authentication vulnerability in Samsung S Assistant Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information. | 5.3 |
| 2022-01-10 | CVE-2020-9061 | Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to the SiLabs UZB-7 version 7.00, ZooZ ZST10 version 6.04, Aeon Labs ZW090-A version 3.95, and Samsung STH-ETH-200 version 6.04, are susceptible to denial of service via malformed routing messages. | 6.5 |