Filtered by vendor Samsung
Subscribe
Total
1176 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28789 | 1 Samsung | 1 Voice Note | 2024-11-21 | 2.1 LOW | 6.2 MEDIUM |
| Unprotected activities in Voice Note prior to version 21.3.51.11 allows attackers to record voice without user interaction. The patch adds proper permission for vulnerable activities. | |||||
| CVE-2022-28779 | 1 Samsung | 1 Android Usb Driver Windows Installer | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
| Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer program prior to version 1.7.50 allows attacker to execute arbitrary code. | |||||
| CVE-2022-28778 | 1 Samsung | 1 Samsung Security Supporter | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0 allows attacker to set the arbitrary folder as Secret Folder without Samsung Security Supporter permission | |||||
| CVE-2022-28777 | 1 Samsung | 1 Members | 2024-11-21 | 2.1 LOW | 4.3 MEDIUM |
| Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALL_PHONE permission. | |||||
| CVE-2022-28776 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 4.6 MEDIUM | 5.9 MEDIUM |
| Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user interactions. | |||||
| CVE-2022-28775 | 1 Samsung | 1 Samsung Flow | 2024-11-21 | 2.1 LOW | 5.1 MEDIUM |
| Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker to write the file without Samsung Flow permission. | |||||
| CVE-2022-28544 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 5.0 MEDIUM | 6.2 MEDIUM |
| Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy store. | |||||
| CVE-2022-28543 | 1 Samsung | 1 Samsung Flow | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Path traversal vulnerability in Samsung Flow prior to version 4.8.07.4 allows local attackers to read arbitrary files as Samsung Flow permission. | |||||
| CVE-2022-28542 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 2.1 LOW | 6.8 MEDIUM |
| Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission. | |||||
| CVE-2022-28541 | 1 Samsung | 1 Update | 2024-11-21 | 4.6 MEDIUM | 5.9 MEDIUM |
| Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission. | |||||
| CVE-2022-27843 | 1 Samsung | 1 Kies | 2024-11-21 | 4.4 MEDIUM | 6.2 MEDIUM |
| DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code. | |||||
| CVE-2022-27842 | 1 Samsung | 1 Smart Switch Pc | 2024-11-21 | 4.4 MEDIUM | 6.2 MEDIUM |
| DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code. | |||||
| CVE-2022-27841 | 1 Samsung | 1 Samsung Pass | 2024-11-21 | 1.9 LOW | 4.3 MEDIUM |
| Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical attacker to view the screen that is previously running without authentication | |||||
| CVE-2022-27840 | 1 Samsung | 1 Recovery | 2024-11-21 | 3.6 LOW | 4.4 MEDIUM |
| Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission. | |||||
| CVE-2022-27839 | 1 Samsung | 1 Internet | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials. | |||||
| CVE-2022-27838 | 1 Samsung | 1 Factorycamera | 2024-11-21 | 7.2 HIGH | 7.7 HIGH |
| Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege. | |||||
| CVE-2022-27837 | 2 Google, Samsung | 2 Android, Accessibility | 2024-11-21 | 9.3 HIGH | 4.4 MEDIUM |
| A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege. | |||||
| CVE-2022-27834 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 4.4 MEDIUM | 2.9 LOW |
| Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions. | |||||
| CVE-2022-27833 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 4.6 MEDIUM | 4.4 MEDIUM |
| Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow. | |||||
| CVE-2022-25830 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2024-11-21 | 2.1 LOW | 1.9 LOW |
| Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||