Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.
Max CVSS
4.0
EPSS Score
0.04%
Published
2021-12-08
Updated
2021-12-13
Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization.
Max CVSS
5.7
EPSS Score
0.04%
Published
2021-11-05
Updated
2022-07-25
Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service.
Max CVSS
5.5
EPSS Score
0.04%
Published
2021-11-05
Updated
2021-11-09
Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked.
Max CVSS
7.8
EPSS Score
0.06%
Published
2021-11-05
Updated
2021-11-08
Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store.
Max CVSS
7.1
EPSS Score
0.04%
Published
2021-10-06
Updated
2021-10-14
Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token.
Max CVSS
6.5
EPSS Score
0.09%
Published
2021-09-09
Updated
2021-09-23
Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview.
Max CVSS
4.0
EPSS Score
0.04%
Published
2021-09-09
Updated
2022-12-02
Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview.
Max CVSS
5.3
EPSS Score
0.09%
Published
2021-08-05
Updated
2022-09-23
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.
Max CVSS
5.3
EPSS Score
0.09%
Published
2021-08-05
Updated
2022-09-23
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview.
Max CVSS
5.3
EPSS Score
0.09%
Published
2021-08-05
Updated
2022-09-23
Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet.
Max CVSS
5.3
EPSS Score
0.09%
Published
2021-08-05
Updated
2021-08-12
Improper MDM policy management vulnerability in KME module prior to KCS version 1.39 allows MDM users to bypass Knox Manage authentication.
Max CVSS
7.5
EPSS Score
0.10%
Published
2021-07-08
Updated
2021-07-12
Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-07-08
Updated
2022-07-30
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview.
Max CVSS
3.3
EPSS Score
0.04%
Published
2021-07-08
Updated
2022-07-25
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-07-08
Updated
2022-07-25
Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows untrusted applications to access some functions of Cameralyzer.
Max CVSS
5.5
EPSS Score
0.04%
Published
2021-07-08
Updated
2022-07-14
Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness.
Max CVSS
8.8
EPSS Score
0.07%
Published
2021-06-11
Updated
2021-06-17
An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.
Max CVSS
5.5
EPSS Score
0.04%
Published
2021-06-11
Updated
2022-07-14
Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege.
Max CVSS
7.1
EPSS Score
0.04%
Published
2021-06-11
Updated
2022-10-25
Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-04-09
Updated
2021-04-19
Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-04-09
Updated
2021-04-21
An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account.
Max CVSS
8.6
EPSS Score
0.22%
Published
2021-04-09
Updated
2022-07-14
Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-04-09
Updated
2022-08-12
Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed.
Max CVSS
7.5
EPSS Score
0.16%
Published
2021-03-25
Updated
2021-03-30
Using unsafe PendingIntent in Samsung Notes prior to version 4.2.00.22 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-03-25
Updated
2021-03-30
36 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!