Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

522 matches found

Cvelist
Cvelistadded 2025/03/11 10:30 p.m.25 views

CVE-2025-2233 Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability

Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings. Authentication is not required to exploit this vulnerability. T...

8.8CVSS0.00705EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/03/11 12:0 a.m.2 views

Samsung SmartThings 数据伪造问题漏洞

SAMSUNG SmartThings is an app for connectable smart devices from Samsung South Korea. A data forgery issue vulnerability exists in Samsung SmartThings that stems from not properly verifying cryptographic signatures, which could lead to authentication bypass...

8.8CVSS8.8AI score0.00705EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/03/11 12:0 a.m.4 views

PT-2025-10977 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings affected versions not specified Description: This issue allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings, with no authentication required for exploitation. The fla...

8.8CVSS7AI score0.00705EPSS
Exploits0References8
Zero Day Initiative
Zero Day Initiativeadded 2025/03/11 12:0 a.m.12 views

(0Day) (Pwn2Own) Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Samsung SmartThings. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Hub Local API service, which listens on TCP port 8766 by default. The...

8.8CVSS6.8AI score0.00705EPSS
Exploits0
OSV
OSVadded 2024/12/03 6:15 a.m.3 views

CVE-2024-49416

Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information...

5.5CVSS5.8AI score0.00131EPSS
Exploits0References1
NVD
NVDadded 2024/12/03 6:15 a.m.19 views

CVE-2024-49416

Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information...

5.5CVSS0.00131EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/12/03 5:47 a.m.17 views

CVE-2024-49416

Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information...

4CVSS0.00131EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/12/03 5:47 a.m.6 views

CVE-2024-49416

Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information...

4CVSS6.9AI score0.00131EPSS
Exploits0References1
CVE
CVEadded 2024/12/03 5:47 a.m.49 views

CVE-2024-49416

CVE-2024-49416 concerns Samsung SmartThings prior to version 1.8.21, where an implicit intent used for sensitive communication can leak information to a local attacker. The vulnerability is described across multiple sources (NVD, Red Hat, CVE listings) with a consistent impact: exposure of sensit...

5.5CVSS4.3AI score0.00131EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2024/12/03 12:0 a.m.3 views

SAMSUNG SmartThings 安全漏洞

SAMSUNG SmartThings is an app for connectable smart devices from Samsung South Korea. A security vulnerability exists in SAMSUNG SmartThings versions prior to 1.8.21, which stems from the use of implicit intent for sensitive communications, allowing a local attacker to obtain sensitive informatio...

5.5CVSS6.2AI score0.00131EPSS
Exploits0References1
OSV
OSVadded 2024/07/02 10:15 a.m.2 views

CVE-2024-34596

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner...

7.5CVSS5.8AI score0.00483EPSS
Exploits0References1
NVD
NVDadded 2024/07/02 10:15 a.m.17 views

CVE-2024-34596

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner...

7.5CVSS0.00483EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/07/02 9:23 a.m.17 views

CVE-2024-34596

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner...

5.9CVSS7.5AI score0.00483EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/07/02 9:23 a.m.21 views

CVE-2024-34596

Improper authentication in SmartThings prior to version 1.8.17 allows remote attackers to bypass the expiration date for members set by the owner...

5.9CVSS0.00483EPSS
Exploits0References1
CVE
CVEadded 2024/07/02 9:23 a.m.47 views

CVE-2024-34596

CVE-2024-34596 concerns Samsung SmartThings authentication. Multiple connected sources confirm an improper authentication flaw in SmartThings versions prior to 1.8.17 that allows remote attackers to bypass the owner-set expiration date for members. Affected software is Samsung SmartThings (SmartT...

7.5CVSS7.5AI score0.00483EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2024/07/02 12:0 a.m.2 views

SAMSUNG Mobile devices Authorization Issues Vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. An authorization issue vulnerability exists in SAMSUNG Mobile devices prior to version 1.8.17, which stems from an improper authentication issue in...

7.5CVSS7AI score0.00483EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/07/02 12:0 a.m.2 views

PT-2024-26011 · Samsung · Smartthings

Name of the Vulnerable Software and Affected Versions: SmartThings versions prior to 1.8.17 Description: The issue concerns improper authentication, allowing remote attackers to bypass the expiration date for members set by the owner. Recommendations: For versions prior to 1.8.17, update to versi...

7.5CVSS7.4AI score0.00483EPSS
Exploits0References2
OSV
OSVadded 2024/04/02 3:15 a.m.2 views

CVE-2024-20852

Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration...

3.3CVSS5.8AI score0.00135EPSS
Exploits0References1
NVD
NVDadded 2024/04/02 3:15 a.m.12 views

CVE-2024-20852

Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration...

5.9CVSS5.6AI score0.00135EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/04/02 2:59 a.m.10 views

CVE-2024-20852

Improper verification of intent by broadcast receiver vulnerability in SmartThings prior to version 1.8.13.22 allows local attackers to access testing configuration...

5.9CVSS6.7AI score0.00135EPSS
Exploits0References1
Rows per page
Query Builder