Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device.
Max CVSS
4.6
EPSS Score
0.06%
Published
2022-09-09
Updated
2022-09-21
Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices.
Max CVSS
5.7
EPSS Score
0.04%
Published
2022-09-09
Updated
2023-06-27
Improper access control and intent redirection in Samsung Email prior to 6.1.70.20 allows attacker to access specific formatted file and execute privileged behavior.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-09-21
Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to access device information.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-09-21
Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-09-21
Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information.
Max CVSS
5.9
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-10-01
Improper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the file without permission.
Max CVSS
6.6
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-10-01
Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
Max CVSS
6.5
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-10-01
Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
Max CVSS
6.5
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-10-01
Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
Max CVSS
6.5
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-10-01
Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device.
Max CVSS
6.5
EPSS Score
0.06%
Published
2022-09-09
Updated
2022-09-21
Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number.
Max CVSS
6.2
EPSS Score
0.06%
Published
2022-09-09
Updated
2022-09-21
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission.
Max CVSS
6.6
EPSS Score
0.04%
Published
2022-09-09
Updated
2023-07-21
Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication.
Max CVSS
2.4
EPSS Score
0.05%
Published
2022-09-09
Updated
2023-06-27
Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log.
Max CVSS
3.3
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-09-21
Exposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local attacker to access IMEI via log.
Max CVSS
3.3
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-09-21
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.22083 allows local attackers to delete arbitrary directory using directory junction.
Max CVSS
7.1
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-09-21
Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074 allows local attackers to delete arbitrary directory using directory junction.
Max CVSS
7.1
EPSS Score
0.04%
Published
2022-09-09
Updated
2022-09-21
DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to execute arbitrary code.
Max CVSS
7.8
EPSS Score
0.06%
Published
2022-09-09
Updated
2022-09-21
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!