32 matches found
EUVD-2022-52549
Malicious code in bioql PyPI...
CVE-2022-30719
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash...
Improper access control
Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in PersonaManagerService prior to SMR Jun-2022 Release 1 allows local attackers to set some setting value in work space...
CVE-2022-30717
Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink...
CVE-2022-30714
Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information...
CVE-2022-30726
Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to SMR Jun-2022 Release 1 allows local attackers to launch activities of SecSettingsIntelligence...
CVE-2022-30722
Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account...
CVE-2022-30724
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionCompleted function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device...
CVE-2022-30709
Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1 allows attackers to trigger crash...
CVE-2022-30710
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities...
Input validation
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities...
Input validation
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash...
CVE-2022-30727
CVE-2022-30727 affects Samsung Mobile’s PersonaManagerService, due to improper handling of permissions in addAppPackageNameToAllowList. The issue allows a local attacker to set certain workspace settings. Root cause: permission management weakness in PersonaManagerService prior to the SMR Jun-202...
CVE-2022-30726
CVE-2022-30726 corresponds to an unprotected DeviceSearchTrampoline component in Samsung SecSettingsIntelligence, enabling local attackers to launch SecSettingsIntelligence activities. Affected: Samsung Mobile/SecSettingsIntelligence (DeviceSearchTrampoline). Root cause: unprotected component exp...
CVE-2022-30725
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionError function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device...
CVE-2022-30725
CVE-2022-30725 refers to a Bluetooth issue in Samsung devices where a broadcast Intent that includes a BluetoothDevice object is not properly restricted to recipients in the sendIntentSessionError function, prior to the SMR Jun-2022 Release 1. This leads to leakage of the connected device’s MAC a...
CVE-2022-30724
CVE-2022-30724 (Samsung Mobile Bluetooth Information Disclosure) : The vulnerability arises from broadcasting the BluetoothDevice object in the sendIntentSessionCompleted function without properly restricting receivers, which leaks the MAC address of the connected Bluetooth device. This affects S...
CVE-2022-30723
CVE-2022-30723 affects Samsung Mobile devices with Bluetooth prior to SMR Jun-2022 Release 1. The root cause is a broadcast of a BluetoothDevice object via activateVoiceRecognitionWithDevice without proper receiver restrictions, leading to leakage of the connected device’s MAC address. Impact is ...
CVE-2022-30722
CVE-2022-30722 concerns an implicit intent hijacking vulnerability in Samsung Account prior to the SMR Jun-2022 Release 1. The issue allows bypassing user confirmation by exploiting hijacking of non-privileged applications, impacting Samsung Account on Samsung devices. The available documents cit...
CVE-2022-30729
CVE-2022-30729: Implicit Intent hijacking vulnerability in Samsung Settings prior to SMR Jun-2022 Release 1 enables retrieval of Wi‑Fi SSID and passwords via a malicious QR scanner. Affected component: Samsung Settings; root cause is misuse of implicit intents that can be hijacked by unprivileged...