Samsung

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-36867 1Samsung 1Editor Lite Nov 21, 2024 Sep 9, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information.
CVE-2022-36866 1Samsung 1Group Sharing Nov 21, 2024 Sep 9, 2022 N/A· v4 3.3 LOW· v3 N/A· v2 Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.
CVE-2022-36865 1Samsung 1Group Sharing Nov 21, 2024 Sep 9, 2022 N/A· v4 3.3 LOW· v3 N/A· v2 Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to access device information.
CVE-2022-36864 1Samsung 1Samsung Email Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper access control and intent redirection in Samsung Email prior to 6.1.70.20 allows attacker to access specific formatted file and execute privileged behavior.
CVE-2022-36859 1Samsung 1Smarttagplugin Nov 21, 2024 Sep 9, 2022 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices.
CVE-2022-36857 2Google Samsung 2Android Photo Editor Nov 21, 2024 Sep 9, 2022 N/A· v4 2.4 LOW· v3 N/A· v2 Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.
CVE-2022-36851 1Samsung 1Samsung Pass Nov 21, 2024 Sep 9, 2022 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device.
CVE-2022-40281 1Samsung 1Tizenrt Nov 21, 2024 Sep 8, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.
CVE-2022-40280 1Samsung 1Tizenrt Nov 21, 2024 Sep 8, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_close after sqlite3_open_v2, leading to a denial of serv...Show more An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_close after sqlite3_open_v2, leading to a denial of service.Show less
CVE-2022-39830 1Samsung 1Mtower Nov 21, 2024 Sep 5, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service.
CVE-2022-39829 1Samsung 1Mtower Nov 21, 2024 Sep 5, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new.
CVE-2022-39828 1Samsung 1Mtower Nov 21, 2024 Sep 5, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service.
CVE-2022-36622 1Samsung 1Mtower Nov 21, 2024 Sep 1, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1.
CVE-2022-36621 1Samsung 1Mtower Nov 21, 2024 Sep 1, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject.
CVE-2022-38155 1Samsung 1Mtower Nov 21, 2024 Aug 11, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash.
CVE-2022-36840 1Samsung 1Update Nov 21, 2024 Aug 5, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.
CVE-2022-36839 1Samsung 1Checkout Nov 21, 2024 Aug 5, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 SQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows attackers to access IAP information.
CVE-2022-36838 1Samsung 1Galaxy Wearable Nov 21, 2024 Aug 5, 2022 N/A· v4 4.6 MEDIUM· v3 N/A· v2 Implicit Intent hijacking vulnerability in Galaxy Wearable prior to version 2.2.50 allows attacker to get sensitive information.
CVE-2022-36837 1Samsung 1Samsung Email Nov 21, 2024 Aug 5, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Intent redirection vulnerability using implicit intent in Samsung email prior to version 6.1.70.20 allows attacker to get sensitive information.
CVE-2022-36836 1Samsung 1Charm Firmware Nov 21, 2024 Aug 5, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows attackers to read connection state without permission.

Previous 1...515253...76 Next