Total
8912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36855 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A use after free vulnerability in iva_ctl driver prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36854 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Out of bound read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows attacker access unauthorized information.
|
|||||
| CVE-2022-36853 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
Intent redirection in Photo Editor prior to SMR Sep-2022 Release 1 allows attacker to get sensitive information.
|
|||||
| CVE-2022-36852 | 1 Google | 1 Android | 2024-11-21 | N/A | 1.9 LOW |
|
Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data.
|
|||||
| CVE-2022-36850 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Path traversal vulnerability in CallBGProvider prior to SMR Sep-2022 Release 1 allows attacker to overwrite arbitrary file with phone uid.
|
|||||
| CVE-2022-36849 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.9 MEDIUM |
|
Use after free vulnerability in sdp_mm_set_process_sensitive function of sdpmm driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.
|
|||||
| CVE-2022-36848 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.1 MEDIUM |
|
Improper Authorization vulnerability in setDualDARPolicyCmd prior to SMR Sep-2022 Release 1 allows local attackers to cause local permanent denial of service.
|
|||||
| CVE-2022-36847 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.9 MEDIUM |
|
Use after free vulnerability in mtp_send_signal function of MTP driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.
|
|||||
| CVE-2022-36846 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A heap-based overflow vulnerability in ConstructDictionary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36845 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36844 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A heap-based overflow vulnerability in HWR::EngJudgeModel::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36843 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36842 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A heap-based overflow vulnerability in prepareRecogLibrary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36841 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A heap-based overflow vulnerability in PrepareRecogLibrary_Part function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36833 | 2 Google, Samsung | 2 Android, Gameoptimizingservice | 2024-11-21 | N/A | 7.3 HIGH |
|
Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name.
|
|||||
| CVE-2022-33732 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.2 MEDIUM |
|
Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call.
|
|||||
| CVE-2022-33731 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.1 MEDIUM |
|
Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components.
|
|||||
| CVE-2022-33730 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.8 MEDIUM |
|
Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers.
|
|||||
| CVE-2022-33729 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device.
|
|||||
| CVE-2022-33728 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal.
|
|||||
| CVE-2022-33727 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.8 MEDIUM |
|
A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack.
|
|||||
| CVE-2022-33726 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attacker to launch activity.
|
|||||
| CVE-2022-33725 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege.
|
|||||
| CVE-2022-33724 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
Exposure of Sensitive Information in Samsung Dialer application?prior to SMR Aug-2022 Release 1 allows local attackers to access ICCID via log.
|
|||||
| CVE-2022-33723 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.8 MEDIUM |
|
A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack.
|
|||||
| CVE-2022-33722 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Implicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows attacker to access connected device MAC address.
|
|||||
| CVE-2022-33721 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege.
|
|||||
| CVE-2022-33720 | 1 Google | 1 Android | 2024-11-21 | N/A | 2.4 LOW |
|
Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut.
|
|||||
| CVE-2022-33719 | 1 Google | 1 Android | 2024-11-21 | N/A | 8.6 HIGH |
|
Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow.
|
|||||
| CVE-2022-33718 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.2 MEDIUM |
|
An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data.
|
|||||
| CVE-2022-33717 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory.
|
|||||
| CVE-2022-33716 | 1 Google | 1 Android | 2024-11-21 | N/A | 2.3 LOW |
|
An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory.
|
|||||
| CVE-2022-33715 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.3 MEDIUM |
|
Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI.
|
|||||
| CVE-2022-33714 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.2 MEDIUM |
|
Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot.
|
|||||
| CVE-2022-33712 | 2 Google, Samsung | 2 Android, Camera | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information.
|
|||||
| CVE-2022-33704 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 8.5 HIGH |
|
Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-33703 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 8.5 HIGH |
|
Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-33702 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 6.2 MEDIUM |
|
Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset.
|
|||||
| CVE-2022-33701 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent.
|
|||||
| CVE-2022-33700 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 2.0 LOW |
|
Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.
|
|||||