CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20828
https://notcve.org/view.php?id=CVE-2024-20828
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication. Una vulnerabilidad de verificación de autorización inadecuada en Samsung Internet anterior a la versión 24.0 permite a atacantes físicos acceder a archivos descargados en SecretMode sin la autenticación adecuada. • https://security.samsungmobile.com/serviceWeb.smsb?year=2024&month=02 • CWE-863: Incorrect Authorization •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30704
https://notcve.org/view.php?id=CVE-2023-30704
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30674
https://notcve.org/view.php?id=CVE-2023-30674
Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=07 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39873
https://notcve.org/view.php?id=CVE-2022-39873
Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication. Una vulnerabilidad de autorización inapropiada en Samsung Internet versiones anteriores a 18.0.4.14, permite a atacantes físicos añadir marcadores en modo secreto sin autenticación del usuario • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10 • CWE-285: Improper Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30740
https://notcve.org/view.php?id=CVE-2022-30740
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers. Un algoritmo de auto rellenado inapropiado en Samsung Internet versiones anteriores a 17.0.1.69, permite a atacantes físicos adivinar los números de tarjeta de crédito almacenados • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-922: Insecure Storage of Sensitive Information •