Lucene search
+L

7 matches found

cve
cve
added 2026/06/05 10:15 a.m.28 views

CVE-2026-21037

Samsung Members (pre-5.8.01.5) is affected by improper input validation that enables local attackers to access an arbitrary URL and launch an arbitrary activity with Samsung Members privileges. The root cause is insufficient input validation within the app, leading to privilege escalation on the ...

7.1CVSS5.6AI score0.00105EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/06/05 12:0 a.m.13 views

PT-2026-46921

Improper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity. User interaction is required for triggering this vulnerability...

5.2CVSS5.5AI score0.00093EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/05 12:0 a.m.19 views

PT-2026-46927

Name of the Vulnerable Software and Affected Versions Samsung Members versions prior to 5.8.01.5 Description Improper input validation allows local attackers to access arbitrary URLs and launch arbitrary activities using Samsung Members privileges. Recommendations Update to version 5.8.01.5 or...

7.1CVSS6AI score0.00105EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/03/16 12:0 a.m.11 views

PT-2026-25593

Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability...

6.8CVSS5.8AI score0.00082EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/06/15 12:0 a.m.23 views

CVE-2023-21139

In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.2AI score0.00083EPSS
Exploits0References1
attackerkb
attackerkb
added 2022/07/12 2:15 p.m.3 views

CVE-2022-33685

Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information...

5.5CVSS5.8AI score0.00105EPSS
Exploits0References2
attackerkb
attackerkb
added 2022/02/11 6:15 p.m.7 views

CVE-2022-22292

Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity...

7.8CVSS7.2AI score0.00131EPSS
Exploits0References2
Rows per page
Query Builder