VYPR

Samsung Pay

by Samsung Pay

CVEs (30)

  • CVE-2022-33722MedAug 5, 2022
    risk 0.26cvss 4.0epss 0.00

    Implicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows attacker to access connected device MAC address.

  • CVE-2022-30716MedJun 7, 2022
    risk 0.26cvss 4.0epss 0.00

    Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1 allows untrusted applications to access toast message information from device.

  • CVE-2022-27832MedApr 11, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file.

  • CVE-2022-25822MedMar 10, 2022
    risk 0.26cvss 4.0epss 0.00

    An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash.

  • CVE-2022-22272MedJan 10, 2022
    risk 0.26cvss 4.0epss 0.00

    Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission

  • CVE-2022-36851LowSep 9, 2022
    risk 0.25cvss 3.9epss 0.00

    Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device.

  • CVE-2022-24000LowFeb 11, 2022
    risk 0.25cvss 3.9epss 0.00

    PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent.

  • CVE-2022-36834LowAug 5, 2022
    risk 0.21cvss 3.3epss 0.00

    Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction.

  • CVE-2022-30753LowJul 12, 2022
    risk 0.21cvss 3.3epss 0.00

    Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 allows local attackers to get the device ID without permission.

  • CVE-2022-24924LowFeb 11, 2022
    risk 0.14cvss 2.2epss 0.01

    An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a specific named system directory without a proper permission.

Page 2 of 2