CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33710
https://notcve.org/view.php?id=CVE-2022-33710
Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Una vulnerabilidad de comprobación de entrada inapropiada en BillingPackageInsraller de Galaxy Store versiones anteriores a 4.5.41.8 permite a atacantes locales lanzar actividades como privilegio de Galaxy Store • https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33709
https://notcve.org/view.php?id=CVE-2022-33709
Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Una vulnerabilidad de comprobación de entrada inapropiada en ApexPackageInstaller de Galaxy Store versiones anteriores a 4.5.41.8 permite a atacantes locales iniciar actividades con el privilegio de Galaxy Store • https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33708
https://notcve.org/view.php?id=CVE-2022-33708
Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Una vulnerabilidad de comprobación de entrada inapropiada en AppsPackageInstaller de Galaxy Store versiones anteriores a 4.5.41.8 permite a atacantes locales iniciar actividades con el privilegio de Galaxy Store • https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2022-33691
https://notcve.org/view.php?id=CVE-2022-33691
A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. Una posible vulnerabilidad de condición de carrera en score driver versiones anteriores a SMR Jul-2022 Release 1, puede permitir a atacantes locales intercalar operaciones maliciosas • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30749
https://notcve.org/view.php?id=CVE-2022-30749
Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity. Una vulnerabilidad de control de acceso inapropiado en Smart Things versiones anteriores a 1.7.85.25, permite a atacantes locales añadir dispositivos inteligentes arbitrarios al omitir la actividad de inicio de sesión • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=6 • CWE-287: Improper Authentication •