28 matches found
EUVD-2022-36755
Malicious code in bioql PyPI...
CVE-2022-33730
Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers...
CVE-2022-33715
Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI...
CVE-2022-33724
Exposure of Sensitive Information in Samsung Dialer application prior to SMR Aug-2022 Release 1 allows local attackers to access ICCID via log...
CVE-2022-33723
A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1 allows attackers to trick the user to select an unwanted Bluetooth device via tapjacking/overlay attack...
CVE-2022-33719
Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow...
CVE-2022-33728
Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Global...
CVE-2022-33718
An improper access control vulnerability in Wi-Fi Service prior to SMR Aug-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data...
Design/Logic Flaw
Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attacker to launch activity...
Input validation
Improper restriction of broadcasting Intent in ConfirmConnectActivity of NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device...
Integer overflow
Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow...
Code injection
A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1 allows attackers to trick the user to select an unwanted Bluetooth device via tapjacking/overlay attack...
Design/Logic Flaw
Exposure of Sensitive Information in Samsung Dialer application prior to SMR Aug-2022 Release 1 allows local attackers to access ICCID via log...
CVE-2022-33720
CVE-2022-33720 concerns Samsung AppLock. The vulnerability is an improper authentication issue in AppLock prior to SMR Aug-2022 Release 1, which could let a physical attacker bypass the lock and access Chrome secured by AppLock via a new tap shortcut. Affected component: AppLock’s Chrome access c...
CVE-2022-33730
CVE-2022-33730 describes a heap-based buffer overflow in Samsung Dex for PC prior to SMR Aug-2022 Release 1, allowing arbitrary code execution by physical attackers. Affected: Samsung Dex for PC (pre‑SMR Aug‑2022 Release 1). Root cause: heap-based overflow in Samsung Dex for PC. Impact: potential...
CVE-2022-33726
CVE-2022-33726 involves Samsung Galaxy Friends prior to the SMR Aug-2022 Release 1, where an unprotected dynamic receiver enables an attacker to launch an activity. The vulnerability arises from an unprotected component that can be invoked by local attackers, leading to unintended activity initia...
CVE-2022-33722
Affected product: Samsung Smart View (prior to SMR Aug-2022 Release 1). Vulnerability: Implicit Intent hijacking that allows an attacker to access the MAC address of a connected device. Root cause / nature: Vulnerability in Smart View’s handling of implicit intents (modeled as an intent hijack). ...
CVE-2022-33731
CVE-2022-33731 involves an improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1. The issue allows an attacker with local access to enable or disable arbitrary components within DesktopSystemUI. Affected software: DesktopSystemUI (pre-SMR Aug-2022 Release 1). Ro...