Internet Security Vulnerabilities and Issues — Internet CVE List

Lucene search

SamsungInternet

24 matches found

CVE•added 2022/01/14 8:15 p.m.•87 views

CVE-2022-22290

Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page.

6.5CVSS6.2AI score0.00305EPSS

CVE•added 2022/04/11 8:15 p.m.•66 views

CVE-2022-27839

Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials.

4.3CVSS4.5AI score0.00161EPSS

CVE•added 2021/03/04 10:15 p.m.•60 views

CVE-2021-25348

Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.

2.4CVSS4AI score0.00059EPSS

CVE•added 2022/06/07 7:15 p.m.•55 views

CVE-2022-30738

Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script.

4.3CVSS4.5AI score0.00291EPSS

CVE•added 2022/06/07 7:15 p.m.•53 views

CVE-2022-30740

Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers.

4.3CVSS4.3AI score0.0006EPSS

CVE•added 2022/01/10 2:12 p.m.•50 views

CVE-2022-22284

Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication

5.7CVSS5.7AI score0.00054EPSS

CVE•added 2021/03/25 5:15 p.m.•47 views

CVE-2021-25354

Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.

6.8CVSS5.3AI score0.00159EPSS

CVE•added 2024/03/05 5:15 a.m.•47 views

CVE-2024-20838

Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitrary code.

7.8CVSS6.8AI score0.00023EPSS

CVE•added 2024/05/07 5:15 a.m.•47 views

CVE-2024-20869

Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies.

5.5CVSS6.7AI score0.0002EPSS

CVE•added 2024/03/05 5:15 a.m.•42 views

CVE-2024-20837

Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction.

5.3CVSS5.2AI score0.00078EPSS

CVE•added 2022/10/07 3:15 p.m.•41 views

CVE-2022-39873

Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication.

4.6CVSS4.5AI score0.0007EPSS

CVE•added 2023/08/10 2:15 a.m.•40 views

CVE-2023-30704

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.

4.6CVSS4.5AI score0.00065EPSS

CVE•added 2024/03/05 5:15 a.m.•40 views

CVE-2024-20829

Missing proper interaction for opening deeplink in Samsung Internet prior to version v24.0.0.0 allows remote attackers to open an application without proper interaction.

5.4CVSS5.5AI score0.00126EPSS

CVE•added 2024/02/06 3:15 a.m.•37 views

CVE-2024-20828

Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication.

4.6CVSS4.5AI score0.00096EPSS

CVE•added 2021/08/05 8:15 p.m.•36 views

CVE-2021-25445

Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet.

5.3CVSS5.2AI score0.00243EPSS

CVE•added 2021/03/25 5:15 p.m.•34 views

CVE-2021-25366

Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.

3.6CVSS4.2AI score0.00069EPSS

CVE•added 2021/06/11 3:15 p.m.•32 views

CVE-2021-25418

Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition.

7.8CVSS7.8AI score0.00049EPSS

CVE•added 2021/09/09 7:15 p.m.•31 views

CVE-2021-25466

Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token.

6.5CVSS5.7AI score0.00235EPSS

CVE•added 2021/12/08 3:15 p.m.•30 views

CVE-2021-25520

Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet.

6.1CVSS6.5AI score0.00453EPSS

CVE•added 2021/06/11 3:15 p.m.•29 views

CVE-2021-25419

Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link.

6.5CVSS6.4AI score0.00275EPSS

CVE•added 2025/05/16 9:15 p.m.•29 views

CVE-2025-32407

Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser validates the identit...

5.9CVSS6.6AI score0.0001EPSS

CVE•added 2021/06/11 3:15 p.m.•28 views

CVE-2021-25400

Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action.

7.8CVSS7.6AI score0.00049EPSS

CVE•added 2021/12/08 3:15 p.m.•25 views

CVE-2021-25521

Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet.

4CVSS4.2AI score0.00062EPSS

CVE•added 2023/07/06 3:15 a.m.•24 views

CVE-2023-30674

Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie.

6.5CVSS6.4AI score0.00171EPSS