CVE-2022-39864

The CVE-2022-39864 issue affects Samsung SmartThings, specifically the WifiSetupLaunchHelper component. It is an improper access control vulnerability in SmartThings versions prior to 1.7.89.25, allowing attackers to access sensitive information through implicit intents. The vulnerability targets...

PT-2022-25056 · Samsung · Smartthings

Name of the Vulnerable Software and Affected Versions: SmartThings versions prior to 1.7.89.0 Description: The issue is related to improper access control in the ContentsSharingActivity.java file, allowing attackers to access sensitive information via implicit broadcast. Recommendations: For...

CVE-2022-39878

Improper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast...

PT-2022-25070 · Samsung · Samsung Checkout

Name of the Vulnerable Software and Affected Versions: Samsung Checkout versions prior to 5.0.55.3 Description: The issue is related to improper access control, allowing attackers to access sensitive information. This is achieved via implicit intent broadcast. Recommendations: For versions prior ...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices version 3.0.12, which stems from an implicit intent hijacking vulnerability in the UPHelper...

PT-2022-25051 · Unknown · Quick Share

Name of the Vulnerable Software and Affected Versions: QuickShare versions prior to 13.2.3.5 Description: The issue is related to improper access control, allowing attackers to access sensitive information via implicit broadcast. Recommendations: For versions prior to 13.2.3.5, update to version...

PT-2022-25057 · Samsung · Smartthings

Name of the Vulnerable Software and Affected Versions: SmartThings versions prior to 1.7.89.0 Description: The issue is related to improper access control in the RegisteredEventMediator.kt file, allowing attackers to access sensitive information via implicit broadcast. Recommendations: For versio...

CVE-2022-39859

CVE-2022-39859 affects the UPHelper library prior to version 3.0.12, where an implicit intent hijacking vulnerability can allow an attacker to access sensitive information via implicit intents. The issue is documented across multiple sources (e.g., PT-2022-25049) indicating the vulnerability lies...

CVE-2022-39865

Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcast...

PT-2022-25059 · Samsung · Smartthings

Name of the Vulnerable Software and Affected Versions: SmartThings versions prior to 1.7.89.0 Description: The issue is related to improper access control in the GedSamsungAccount.kt file, allowing attackers to access sensitive information via implicit broadcast. Recommendations: For versions pri...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices version 1.7.89.25, which stems from an improper access control vulnerability in...

CVE-2022-39871

Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts...

PT-2022-25049 · Uphelper · Uphelper

Name of the Vulnerable Software and Affected Versions: UPHelper library versions prior to 3.0.12 Description: The issue allows attackers to access sensitive information via implicit intent, specifically through an implicit intent hijacking vulnerability in the UPHelper library. Recommendations: F...

CVE-2022-39865

The CVE-2022-39865 issue affects Samsung SmartThings: versions prior to 1.7.89.0 expose information via an improper access control in ContentsSharingActivity.java. The vulnerability stems from insufficient access restrictions around implicit broadcasts, enabling an attacker with local access to r...

CVE-2022-39864

Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent...

GSD-2022-1005491 drm/meson: Fix overflow implicit truncation warnings

drm/meson: Fix overflow implicit truncation warnings This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...

PT-2022-34228 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.211 Description: The issue is related to an overflow implicit truncation warning in the irqchip/tegra component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linu...

mariadb: crash in multi-update and implicit grouping

An assertion failure was found in the MariaDB Server. This issue is via, 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc, affecting availability...

CVE-2022-36870

Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent...

CVE-2022-36872

Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent...