Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.
2.4CVSS
4AI Score
0.001EPSS
Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.
5.3CVSS
5.3AI Score
0.001EPSS
Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.
3.2CVSS
4.2AI Score
0.0004EPSS
Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action.
7.8CVSS
7.6AI Score
0.0004EPSS
Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition.
7.8CVSS
7.8AI Score
0.0004EPSS
Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link.
6.5CVSS
6.4AI Score
0.001EPSS
Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet.
5.3CVSS
5.2AI Score
0.001EPSS
Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token.
6.5CVSS
5.7AI Score
0.001EPSS
Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet.
6.1CVSS
6.5AI Score
0.001EPSS
Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.
4CVSS
4.2AI Score
0.0004EPSS
Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication
5.7CVSS
5.7AI Score
0.0004EPSS
Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page.
6.5CVSS
6.2AI Score
0.001EPSS
Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials.
4CVSS
4.5AI Score
0.0005EPSS
Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script.
4.3CVSS
4.5AI Score
0.001EPSS
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers.
4.3CVSS
4.3AI Score
0.0004EPSS
Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication.
4.6CVSS
4.5AI Score
0.0005EPSS
Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie.
6.5CVSS
6.4AI Score
0.001EPSS
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.
4.6CVSS
4.5AI Score
0.001EPSS
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication.
4.6CVSS
4.5AI Score
0.001EPSS