CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-36833
https://notcve.org/view.php?id=CVE-2022-36833
05 Aug 2022 — Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name. Una vulnerabilidad de administración inapropiada de privilegios en Game Optimizing Service anterior a las versiones 3.3.04.0 en Android 10, y 3.5.04.8 en Android 11 y posteriores permite a un atacante local ejecutar una función oculta para el desarrollador cambiando el nom... • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=08 • CWE-269: Improper Privilege Management •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33726
https://notcve.org/view.php?id=CVE-2022-33726
05 Aug 2022 — Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attacker to launch activity. Un receptor dinámico desprotegido en Samsung Galaxy Friends versiones anteriores a SMR Aug-2022 Release 1, permite a un atacante lanzar una actividad • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-561: Dead Code •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33731
https://notcve.org/view.php?id=CVE-2022-33731
05 Aug 2022 — Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. Una vulnerabilidad de control de acceso inapropiado en DesktopSystemUI versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes activar y desactivar componentes arbitrarios • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-284: Improper Access Control •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33714
https://notcve.org/view.php?id=CVE-2022-33714
05 Aug 2022 — Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot. Una vulnerabilidad de control de acceso inapropiada en SemWifiApBroadcastReceiver versiones anteriores a SMR Aug-2022 Release 1, permite a un atacante restablecer un valor de configuración relacionado con el punto de acceso móvil • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-284: Improper Access Control •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33718
https://notcve.org/view.php?id=CVE-2022-33718
05 Aug 2022 — An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data. Una vulnerabilidad de control de acceso inapropiada en Wi-Fi Service versiones anteriores a SMR Aug-2022 Release 1, permite a aplicaciones no confiables manipular la lista de aplicaciones que pueden usar los datos móviles • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33715
https://notcve.org/view.php?id=CVE-2022-33715
05 Aug 2022 — Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI. Un control de acceso inapropiado y una vulnerabilidad de salto de ruta en LauncherProvider versiones anteriores a SMR Aug-2022 Release 1, permiten a un atacante local acceder a archivos de One UI • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33725
https://notcve.org/view.php?id=CVE-2022-33725
05 Aug 2022 — A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege. Una vulnerabilidad usando PendingIntent en Knox VPN versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes acceder a los proveedores de contenido con privilegio del sistema • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33717
https://notcve.org/view.php?id=CVE-2022-33717
05 Aug 2022 — A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory. Una ausencia de comprobación de entrada anteriores a lectura de memoria en SEM TA versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes locales leer memoria no inicializada • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-33716
https://notcve.org/view.php?id=CVE-2022-33716
05 Aug 2022 — An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory. Una ausencia de inicialización de variables en ICCC TA versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes locales leer memoria no inicializada • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-33728
https://notcve.org/view.php?id=CVE-2022-33728
05 Aug 2022 — Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal. Una exposición de información confidencial en Bluetooth versiones anteriores a SMR Aug-2022 Release 1, permite a atacantes locales acceder a la dirección MAC del BT conectado por medio de Settings.Gloabal • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=08 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •