11 results (0.007 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Improper URL validation vulnerability in Samsung Members prior to version 14.0.07.1 allows attackers to access sensitive information. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=08 •

CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0

Exposure of Sensitive Information in FaqSymptomCardViewModel in Samsung Members prior to versions 4.3.00.11 in Global and 14.0.02.4 in China allows local attackers to access device identification via log. Una Exposición de información Confidencial en FaqSymptomCardViewModel en Samsung Members versiones anteriores a 4.3.00.11 en Global y 14.0.02.4 en China, permite a atacantes locales acceder a la identificación del dispositivo por medio del registro • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=09 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Unprotected dynamic receiver in Samsung Members prior to version 4.2.005 allows attacker to launch arbitrary activity. Un receptor dinámico desprotegido en Samsung Members versiones anteriores a 4.2.005, permite a un atacante lanzar una actividad arbitraria • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=6 • CWE-561: Dead Code •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local attacker to execute call function without CALL_PHONE permission. Una vulnerabilidad de control de acceso inapropiada en Samsung Members versiones anteriores a 13.6.08.5, permite a un atacante local ejecutar una función de llamada sin el permiso CALL_PHONE • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=4 • CWE-284: Improper Access Control •

CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview. Una vulnerabilidad de control de acceso inapropiado en Samsung Members versiones anteriores a 2.4.85.11 en Android O(8.1) y por debajo, y versiones 3.9.10.11 en Android P(9.0) y superiores, permite a aplicaciones no confiables causar la carga de páginas web arbitrarias en la vista web • https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=7 • CWE-284: Improper Access Control •