Filtered by vendor Samsung
Subscriptions
Total
1389 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-21518 | 1 Samsung | 1 Searchwidget | 2024-11-21 | 4.4 Medium |
| Improper access control vulnerability in SearchWidget prior to version 3.3 in China models allows untrusted applications to start arbitrary activity. | ||||
| CVE-2023-21512 | 1 Samsung | 1 Android | 2024-11-21 | 2.4 Low |
| Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission. | ||||
| CVE-2023-21465 | 1 Samsung | 1 Bixbytouch | 2024-11-21 | 5.5 Medium |
| Improper access control vulnerability in BixbyTouch prior to version 3.2.02.5 in China models allows untrusted applications access local files. | ||||
| CVE-2023-21464 | 2 Google, Samsung | 2 Android, Calendar | 2024-11-21 | 4 Medium |
| Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status. | ||||
| CVE-2023-21463 | 2 Google, Samsung | 2 Android, Myfiles | 2024-11-21 | 4 Medium |
| Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions. | ||||
| CVE-2023-21462 | 2 Google, Samsung | 2 Android, Quick Share | 2024-11-21 | 4.2 Medium |
| The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission. | ||||
| CVE-2023-21461 | 1 Samsung | 1 Android | 2024-11-21 | 4 Medium |
| Improper authorization vulnerability in AutoPowerOnOffConfirmDialog in Settings prior to SMR Mar-2023 Release 1 allows local attacker to turn device off via unprotected activity. | ||||
| CVE-2022-4894 | 2 Hp, Samsung | 2046 1vr14a, 1vr14a Firmware, 209u7a and 2043 more | 2024-11-21 | 7.3 High |
| Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element. | ||||
| CVE-2022-40762 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len. | ||||
| CVE-2022-40761 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc. | ||||
| CVE-2022-40760 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize. | ||||
| CVE-2022-40759 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation. | ||||
| CVE-2022-40758 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen. | ||||
| CVE-2022-40757 | 1 Samsung | 1 Mtower | 2024-11-21 | 7.5 High |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen. | ||||
| CVE-2022-40281 | 1 Samsung | 1 Tizenrt | 2024-11-21 | 7.5 High |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure. | ||||
| CVE-2022-40280 | 1 Samsung | 1 Tizenrt | 2024-11-21 | 7.5 High |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_close after sqlite3_open_v2, leading to a denial of service. | ||||
| CVE-2022-40279 | 1 Samsung | 1 Tizenrt | 2024-11-21 | 7.5 High |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction). | ||||
| CVE-2022-40278 | 1 Samsung | 1 Tizenrt | 2024-11-21 | 7.5 High |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_free after sqlite3_exec, leading to a denial of service. | ||||
| CVE-2022-39878 | 1 Samsung | 1 Checkout | 2024-11-21 | 4 Medium |
| Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast. | ||||
| CVE-2022-39876 | 1 Samsung | 1 Reminder | 2024-11-21 | 5.9 Medium |
| Insertion of Sensitive Information into Log in PushRegIdUpdateClient of SReminder prior to 8.2.01.13 allows attacker to access device IMEI. | ||||