Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2022
CVE-2022-36838
Implicit Intent hijacking vulnerability in Galaxy Wearable prior to version 2.2.50 allows attacker to get sensitive information.
CVSS Score
4.0
EPSS Score
0.001
Published
2022-08-05
CVE-2022-36839
SQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows attackers to access IAP information.
CVSS Score
5.9
EPSS Score
0.002
Published
2022-08-05
CVE-2022-36840
DLL hijacking vulnerability in Samsung Update Setup prior to version 2.2.9.50 allows attackers to execute arbitrary code.
CVSS Score
4.5
EPSS Score
0.001
Published
2022-08-05
CVE-2022-33730
Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers.
CVSS Score
6.8
EPSS Score
0.0
Published
2022-08-05
CVE-2022-33731
Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components.
CVSS Score
5.1
EPSS Score
0.0
Published
2022-08-05
CVE-2022-33732
Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call.
CVSS Score
6.2
EPSS Score
0.0
Published
2022-08-05
CVE-2022-33733
Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.
CVSS Score
6.2
EPSS Score
0.001
Published
2022-08-05
CVE-2022-33734
Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission.
CVSS Score
6.2
EPSS Score
0.001
Published
2022-08-05
CVE-2022-34768
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-08-05
CVE-2022-34769
Michlol - rashim web interface Insecure direct object references (IDOR). First of all, the attacker needs to login. After he performs log into the system there are some functionalities that the specific user is not allowed to perform. However all the attacker needs to do in order to achieve his goals is to change the value of the ptMsl parameter and then the attacker can access sensitive data that he not supposed to access because its belong to another user.
CVSS Score
6.3
EPSS Score
0.002
Published
2022-08-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved