Total
909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-36871 | 1 Samsung | 2 Samsung Pay, Samsung Pay Kr | 2024-11-21 | 5 Medium |
| Pending Intent hijacking vulnerability in NotiCenterUtils in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | ||||
| CVE-2022-36870 | 1 Samsung | 2 Samsung Pay, Samsung Pay Kr | 2024-11-21 | 5 Medium |
| Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent. | ||||
| CVE-2022-36857 | 2 Google, Samsung | 2 Android, Photo Editor | 2024-11-21 | 1.9 Low |
| Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data. | ||||
| CVE-2022-36852 | 1 Google | 1 Android | 2024-11-21 | 1.9 Low |
| Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data. | ||||
| CVE-2022-36848 | 1 Google | 1 Android | 2024-11-21 | 5.1 Medium |
| Improper Authorization vulnerability in setDualDARPolicyCmd prior to SMR Sep-2022 Release 1 allows local attackers to cause local permanent denial of service. | ||||
| CVE-2022-36838 | 1 Samsung | 1 Galaxy Wearable | 2024-11-21 | 4 Medium |
| Implicit Intent hijacking vulnerability in Galaxy Wearable prior to version 2.2.50 allows attacker to get sensitive information. | ||||
| CVE-2022-36837 | 1 Samsung | 1 Samsung Email | 2024-11-21 | 6.2 Medium |
| Intent redirection vulnerability using implicit intent in Samsung email prior to version 6.1.70.20 allows attacker to get sensitive information. | ||||
| CVE-2022-33722 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Implicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows attacker to access connected device MAC address. | ||||
| CVE-2022-33713 | 1 Samsung | 1 Cloud | 2024-11-21 | 7.5 High |
| Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information. | ||||
| CVE-2022-33712 | 2 Google, Samsung | 2 Android, Camera | 2024-11-21 | 5.3 Medium |
| Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. | ||||
| CVE-2022-33705 | 1 Samsung | 1 Calendar | 2024-11-21 | 3.3 Low |
| Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission. | ||||
| CVE-2022-33702 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset. | ||||
| CVE-2022-31609 | 1 Nvidia | 1 Virtual Gpu | 2024-11-21 | 7.8 High |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows the guest VM to allocate resources for which the guest is not authorized. This vulnerability may lead to loss of data integrity and confidentiality, denial of service, or information disclosure. | ||||
| CVE-2022-31247 | 1 Suse | 1 Rancher | 2024-11-21 | 9.1 Critical |
| An Improper Authorization vulnerability in SUSE Rancher, allows any user who has permissions to create/edit cluster role template bindings or project role template bindings (such as cluster-owner, manage cluster members, project-owner and manage project members) to gain owner permission in another project in the same cluster or in another project on a different downstream cluster. This issue affects: SUSE Rancher Rancher versions prior to 2.6.7; Rancher versions prior to 2.5.16. | ||||
| CVE-2022-30757 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain CID without ACCESS_FINE_LOCATION permission. | ||||
| CVE-2022-30746 | 1 Samsung | 1 Smartthings | 2024-11-21 | 7.5 High |
| Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API. | ||||
| CVE-2022-30730 | 1 Samsung | 1 Samsung Pass | 2024-11-21 | 4.6 Medium |
| Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess account list without authentication. | ||||
| CVE-2022-30722 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account. | ||||
| CVE-2022-30717 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink. | ||||
| CVE-2022-30670 | 2 Adobe, Microsoft | 2 Robohelp Server, Windows | 2024-11-21 | 8.8 High |
| RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization vulnerability which could lead to privilege escalation. An authenticated attacker could leverage this vulnerability to achieve full administrator privileges. Exploitation of this issue does not require user interaction. | ||||