cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-42572,https://securityvulnerability.io/vulnerability/CVE-2023-42572,Implicit Intent Hijacking in Samsung Account Web SDK,"An implicit intent hijacking vulnerability exists in the Samsung Account Web SDK that allows attackers to exploit the SDK versions earlier than 1.5.24. This arises from improper handling of intent data, enabling unauthorized parties to access sensitive user information, putting users at risk. It is crucial for users of the affected SDK to upgrade to the latest version to mitigate potential threats.",Samsung,Samsung Account Web SDK,3.3,LOW,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-12-05T03:15:00.000Z,0
CVE-2023-42549,https://securityvulnerability.io/vulnerability/CVE-2023-42549,Sensitive Communication Vulnerability in Samsung Account Prior to Version 14.5.00.7,"The vulnerability in Samsung Account affects versions prior to 14.5.00.7, where the use of implicit intent for sensitive communication can allow attackers to gain unauthorized access to arbitrary files with Samsung Account privileges. This flaw potentially exposes sensitive user data and highlights the need for stringent security practices in app development.",Samsung,Samsung Account,5.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-11-07T08:15:00.000Z,0
CVE-2023-42551,https://securityvulnerability.io/vulnerability/CVE-2023-42551,Sensitive Communication Vulnerability in Samsung Account,"A vulnerability in Samsung Account allows malicious parties to exploit implicit intents for sensitive communication. This flaw permits attackers to access arbitrary files by leveraging Samsung Account privileges, impacting user security and privacy. Users are encouraged to update to version 14.5.00.7 or later to mitigate this risk. For more information, visit Samsung's security website.",Samsung,Samsung Account,5.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-11-07T08:15:00.000Z,0
CVE-2023-42550,https://securityvulnerability.io/vulnerability/CVE-2023-42550,Sensitive Communication Vulnerability in Samsung Account,"A vulnerability in the Samsung Account application allows attackers to exploit the implicit intent, facilitating unauthorized access to sensitive files. This issue affects versions prior to 14.5.00.7, particularly compromising user privacy and data security. Users are encouraged to update their applications to the latest version to mitigate this risk.",Samsung,Samsung Account,5.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-11-07T08:15:00.000Z,0
CVE-2023-42548,https://securityvulnerability.io/vulnerability/CVE-2023-42548,Sensitive Communication Vulnerability in Samsung Account Software,"A security flaw in the Samsung Account software allows attackers to exploit the use of implicit intent for sensitive communications. Prior to version 14.5.00.7, this vulnerability enables unauthorized access to arbitrary files using the privileges of the Samsung Account, posing a significant risk to user data and privacy.",Samsung,Samsung Account,6.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-11-07T08:15:00.000Z,0
CVE-2023-42547,https://securityvulnerability.io/vulnerability/CVE-2023-42547,Sensitive Communication Vulnerability in Samsung Account,"A vulnerability exists in the Samsung Account system where the use of implicit intents for sensitive communications can lead to unauthorized access to arbitrary files. This flaw affects versions prior to 14.5.00.7. Attackers could exploit this vulnerability to gain privileges associated with the Samsung Account, potentially compromising user data and security.",Samsung,Samsung Account,5.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-11-07T08:15:00.000Z,0
CVE-2023-42546,https://securityvulnerability.io/vulnerability/CVE-2023-42546,Sensitive Communication Vulnerability in Samsung Account,"A vulnerability exists in the Samsung Account related to the use of implicit intents for sensitive communication. Attackers can exploit this flaw in versions prior to 14.5.00.7, potentially allowing unauthorized access to arbitrary files with the privileges associated with the Samsung Account. This risk emphasizes the importance of secure coding practices to prevent unauthorized data access.",Samsung,Samsung Account,6.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2023-11-07T08:15:00.000Z,0
CVE-2023-42540,https://securityvulnerability.io/vulnerability/CVE-2023-42540,Improper Access Control Vulnerability in Samsung Account Products,"An improper access control vulnerability in Samsung Account allows attackers to gain unauthorized access to sensitive information. This flaw exists in versions prior to 14.5.01.1 and can be exploited via implicit intent, posing a risk to user data security.",Samsung,Samsung Account,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-11-07T08:15:00.000Z,0
CVE-2022-39863,https://securityvulnerability.io/vulnerability/CVE-2022-39863,Intent Redirection Vulnerability in Samsung Account Software,"An intent redirection vulnerability has been identified in Samsung Account prior to version 13.5.01.3. This flaw allows attackers to exploit the app to access content providers without appropriate permissions, potentially leading to unauthorized access to sensitive information.",Samsung,Samsung Account,3.6,LOW,0.0008999999845400453,false,,false,false,false,,,false,false,,2022-10-07T00:00:00.000Z,0
CVE-2022-39874,https://securityvulnerability.io/vulnerability/CVE-2022-39874,Sensitive Log Information Leakage in Samsung Account,"A security vulnerability in Samsung Account versions prior to 13.5.0 enables unauthorized access that may lead to account logout through sensitive log information leakage. Attackers exploiting this flaw can gain unauthorized insights into user sessions, posing a significant risk to account security and user privacy.",Samsung,Samsung Account,4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-07T00:00:00.000Z,0
CVE-2022-39875,https://securityvulnerability.io/vulnerability/CVE-2022-39875,Improper Component Protection in Samsung Account Affects User Logout Functionality,"A vulnerability in Samsung Account prior to version 13.5.0 exposes users to unauthorized logout actions due to improper component protection. Attackers can exploit this weakness, potentially gaining access to user accounts and sensitive data. It is crucial for users to update to the latest version to safeguard against this risk.",Samsung,Samsung Account,5.1,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-10-07T00:00:00.000Z,0
CVE-2022-30743,https://securityvulnerability.io/vulnerability/CVE-2022-30743,Improper Privilege Management in Samsung Account by Samsung,"An improper privilege management flaw in Samsung Account allows unauthorized access to users' sensitive data, including contacts and gallery files, without explicit permission. This vulnerability prior to version 13.2.00.6 could potentially expose personal user data, making devices and accounts susceptible to exploitation by malicious actors.",Samsung,Samsung Account,5.3,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-06-07T18:19:10.000Z,0
CVE-2022-30739,https://securityvulnerability.io/vulnerability/CVE-2022-30739,Improper Privilege Management in Samsung Account Affects User Data Exposure,"An improper privilege management vulnerability in the Samsung Account prior to version 13.2.00.6 enables attackers with normal user permissions to retrieve sensitive user information, such as email addresses and phone numbers. This flaw poses significant risks to user privacy and data security, allowing unauthorized access to personal information. Users are urged to apply updates to their Samsung Account to safeguard against potential exploitation.",Samsung,Samsung Account,4,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2022-06-07T18:17:38.000Z,0
CVE-2022-30737,https://securityvulnerability.io/vulnerability/CVE-2022-30737,Implicit Intent Hijacking Vulnerability in Samsung Account,"An Implicit Intent hijacking vulnerability exists in Samsung Account that could allow an attacker to gain unauthorized access to a user's email ID. This security flaw, present in versions before 13.2.00.6, puts user data at risk by enabling malicious actors to exploit the intent system on affected devices. Users should ensure they update to the latest version to mitigate risks associated with this vulnerability.",Samsung,Samsung Account,4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-06-07T18:16:51.000Z,0
CVE-2022-30736,https://securityvulnerability.io/vulnerability/CVE-2022-30736,Improper Privilege Management in Samsung Account by Samsung,"The improper privilege management vulnerability in Samsung Account versions prior to 13.2.00.6 allows unauthorized access to sensitive user data, including contacts and gallery images. This flaw poses significant privacy risks as attackers can exploit this vulnerability to retrieve personal information without user consent.",Samsung,Samsung Account,5.3,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-06-07T18:16:30.000Z,0
CVE-2022-30735,https://securityvulnerability.io/vulnerability/CVE-2022-30735,Improper Privilege Management in Samsung Account - Samsung,"An improper privilege management flaw in Samsung Account prior to version 13.2.00.6 enables unauthorized attackers to obtain access tokens without the necessary permissions, potentially compromising user accounts and sensitive information.",Samsung,Samsung Account,5.9,MEDIUM,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-06-07T18:16:09.000Z,0
CVE-2022-30734,https://securityvulnerability.io/vulnerability/CVE-2022-30734,Sensitive Information Exposure in Samsung Account Prior to Version 13.2.00.6,"A vulnerability in Samsung Account allows unauthorized access to sensitive user information, such as email addresses and phone numbers, prior to version 13.2.00.6. Attackers can exploit this flaw to retrieve personal data without requiring user permission, posing a significant risk to user privacy and security.",Samsung,Samsung Account,4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-06-07T18:15:46.000Z,0
CVE-2022-30733,https://securityvulnerability.io/vulnerability/CVE-2022-30733,Sensitive Information Exposure in Samsung Account,"A vulnerability in the Samsung Account service prior to version 13.2.00.6 allows attackers to access sensitive information, such as user email addresses and phone numbers, without explicit permission. This exposure can lead to further exploitation and unauthorized actions against users, significantly impacting their privacy and security.",Samsung,Samsung Account,4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2022-06-07T18:15:21.000Z,0
CVE-2022-30732,https://securityvulnerability.io/vulnerability/CVE-2022-30732,Exposure of Sensitive Information Vulnerability in Samsung Account,"The Samsung Account application, prior to version 13.2.00.6, contains a vulnerability that enables unauthorized access to sensitive user information. This vulnerability occurs through the onActivityResult method, which may be exploited by attackers to extract data without proper authorization. Users of affected versions are encouraged to update their applications to safeguard their sensitive information from potential breaches.",Samsung,Samsung Account,5.5,MEDIUM,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-06-07T18:14:53.000Z,0
CVE-2022-25825,https://securityvulnerability.io/vulnerability/CVE-2022-25825,Improper Access Control in Samsung Account Affects Samsung Devices,"An improper access control vulnerability in the Samsung Account prior to version 13.1.0.1 permits attackers to gain unauthorized access to the authentication code needed for sign-in. This flaw could enable malicious actors to exploit user accounts and compromise sensitive information, heightening the need for users to update to the latest version.",Samsung,Samsung Account,6.2,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-03-10T17:47:00.000Z,0
CVE-2021-25403,https://securityvulnerability.io/vulnerability/CVE-2021-25403,,"Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component.",Samsung,Samsung Account,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-06-11T14:45:23.000Z,0
CVE-2021-25381,https://securityvulnerability.io/vulnerability/CVE-2021-25381,,"Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.",Samsung,Samsung Account,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-04-09T17:40:41.000Z,0
CVE-2021-25351,https://securityvulnerability.io/vulnerability/CVE-2021-25351,,Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password.,Samsung,Samsung Account,3.2,LOW,0.0005600000149570405,false,,false,false,false,,,false,false,,2021-03-25T16:10:55.000Z,0
CVE-2021-25350,https://securityvulnerability.io/vulnerability/CVE-2021-25350,,Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log.,Samsung,Samsung Account,2,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-03-25T16:10:01.000Z,0
CVE-2015-0864,https://securityvulnerability.io/vulnerability/CVE-2015-0864,,Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code.,Samsung,"Galaxy App,Samsung Account App",8,HIGH,0.0005799999926239252,false,,false,false,false,,,false,false,,2017-03-27T17:00:00.000Z,0