Filtered by vendor Samsung
Subscribe
Total
1089 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21421 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
| Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService prior to SMR Jan-2023 Release 1 allows attacker to access device SIM PIN. | |||||
| CVE-2023-21420 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 7.3 HIGH |
| Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. | |||||
| CVE-2022-44636 | 1 Samsung | 30 T-ksu2eakuc, T-ksu2eakuc Firmware, T-ksu2edeuc and 27 more | 2024-11-21 | N/A | 4.6 MEDIUM |
| The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone access via Bluetooth spoofing when a user is activating remote control by pressing a button. This is fixed in xxx72510, E9172511 for 2021 models, xxxA1000, 4x2A0200 for 2022 models. | |||||
| CVE-2022-40762 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len. | |||||
| CVE-2022-40761 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc. | |||||
| CVE-2022-40760 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize. | |||||
| CVE-2022-40759 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation. | |||||
| CVE-2022-40758 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen. | |||||
| CVE-2022-40757 | 1 Samsung | 1 Mtower | 2024-11-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen. | |||||
| CVE-2022-40281 | 1 Samsung | 1 Tizenrt | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure. | |||||
| CVE-2022-40280 | 1 Samsung | 1 Tizenrt | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_close after sqlite3_open_v2, leading to a denial of service. | |||||
| CVE-2022-40279 | 1 Samsung | 1 Tizenrt | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction). | |||||
| CVE-2022-40278 | 1 Samsung | 1 Tizenrt | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_free after sqlite3_exec, leading to a denial of service. | |||||
| CVE-2022-39915 | 2 Google, Samsung | 2 Android, Calendar | 2024-11-21 | N/A | 3.3 LOW |
| Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent. | |||||
| CVE-2022-39911 | 1 Samsung | 1 Pass | 2024-11-21 | N/A | 4.8 MEDIUM |
| Improper check or handling of exceptional conditions vulnerability in Samsung Pass prior to version 4.0.06.1 allows attacker to access Samsung Pass. | |||||
| CVE-2022-39910 | 1 Samsung | 1 Pass | 2024-11-21 | N/A | 3.9 LOW |
| Improper access control vulnerability in Samsung Pass prior to version 4.0.06.7 allow physical attackers to access data of Samsung Pass on a certain state of an unlocked device using pop-up view. | |||||
| CVE-2022-39909 | 1 Samsung | 1 Gear Iconx Pc Manager | 2024-11-21 | N/A | 7.1 HIGH |
| Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link. | |||||
| CVE-2022-39902 | 1 Samsung | 2 Exynos, Exynos Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Improper authorization in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to get sensitive information including IMEI via emergency call. | |||||
| CVE-2022-39901 | 1 Samsung | 2 Exynos, Exynos Firmware | 2024-11-21 | N/A | 6.5 MEDIUM |
| Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB. | |||||
| CVE-2022-39893 | 1 Samsung | 1 Galaxy Buds Pro Manage | 2024-11-21 | N/A | 3.3 LOW |
| Sensitive information exposure vulnerability in FmmBaseModel in Galaxy Buds Pro Manage prior to version 4.1.22092751 allows local attackers with log access permission to get device identifier data through device log. | |||||