cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-34671,https://securityvulnerability.io/vulnerability/CVE-2024-34671,Local Attackers Can Access Sensitive Information Through Implicit Intent in Prior Versions of Samsung Internet,Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.,Samsung,Samsung Internet,3.3,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-08T06:30:53.723Z,0
CVE-2024-20869,https://securityvulnerability.io/vulnerability/CVE-2024-20869,Privilege Management Vulnerability in Samsung Internet Allows Local Attackers to Bypass Cookie Protection,Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies.,Samsung,Samsung Internet,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-05-07T04:28:57.359Z,0
CVE-2024-20838,https://securityvulnerability.io/vulnerability/CVE-2024-20838,Samsung Internet Vulnerability Allows Local Attackers to Execute Arbitrary Code,"An improper validation vulnerability exists in Samsung Internet that may allow local attackers to execute arbitrary code. This exploit affects all versions prior to 24.0.3.2, potentially compromising user data and device integrity. Users are advised to upgrade to the latest version to protect against this vulnerability.",Samsung,Samsung Internet,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-05T04:44:47.533Z,0
CVE-2024-20837,https://securityvulnerability.io/vulnerability/CVE-2024-20837,Samsung Internet Vulnerability Allows Local Attackers to Grant Permission to Their Own TWA WebApps Without User Interaction,Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission to their own TWA WebApps without user interaction.,Samsung,Samsung Internet,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-05T04:44:46.414Z,0
CVE-2024-20829,https://securityvulnerability.io/vulnerability/CVE-2024-20829,Samsung Internet Vulnerability Allows Remote Attackers to Open Applications Without Interaction,Missing proper interaction for opening deeplink in Samsung Internet prior to version v24.0.0.0 allows remote attackers to open an application without proper interaction.,Samsung,Samsung Internet,5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-05T04:44:37.660Z,0
CVE-2024-20828,https://securityvulnerability.io/vulnerability/CVE-2024-20828,Physical Attackers Can Access SecretMode Files Without Proper Authentication,Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files downloaded in SecretMode without proper authentication.,Samsung,Samsung Internet,4.6,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-02-06T02:23:18.791Z,0
CVE-2023-30704,https://securityvulnerability.io/vulnerability/CVE-2023-30704,Improper Authorization in Samsung Internet Affects User Data Access,"An improper authorization vulnerability exists in Samsung Internet that can be exploited by physical attackers. Prior to version 22.0.0.35, this flaw enables unauthorized access to files downloaded in Secret Mode without requiring user authentication. This security gap can lead to sensitive information exposure, highlighting the importance of updating to the latest version to mitigate potential risks.",Samsung,Samsung Internet,3.8,LOW,0.0005699999746866524,false,,false,false,false,,,false,false,,2023-08-10T02:15:00.000Z,0
CVE-2023-30674,https://securityvulnerability.io/vulnerability/CVE-2023-30674,Improper Configuration in Samsung Internet Browser,"A configuration flaw in Samsung Internet versions prior to 21.0.0.41 can enable attackers to circumvent SameSite cookie attributes. This vulnerability could potentially allow the extraction of sensitive user data through manipulated cookie handling, thus posing a significant risk to user privacy and security online. Users are advised to update their browsers to mitigate this risk.",Samsung,Samsung Internet,6.5,MEDIUM,0.0008699999889358878,false,,false,false,false,,,false,false,,2023-07-06T03:15:00.000Z,0
CVE-2022-39873,https://securityvulnerability.io/vulnerability/CVE-2022-39873,Improper Authorization Flaw in Samsung Internet Browser,"An improper authorization vulnerability exists in Samsung Internet prior to version 18.0.4.14, allowing physical attackers to manipulate bookmarks in secret mode without requiring user authentication. This flaw poses a significant security risk, as it enables unauthorized users to access confidential information stored in the browser, potentially leading to privacy breaches and data compromise.",Samsung,Samsung Internet,4.3,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2022-10-07T00:00:00.000Z,0
CVE-2022-36835,https://securityvulnerability.io/vulnerability/CVE-2022-36835,Implicit Intent Hijacking Vulnerability in Samsung Internet Browser,"An Implicit Intent hijacking vulnerability exists in Samsung Internet Browser prior to version 17.0.7.34. This flaw allows attackers to exploit the browser and gain unauthorized access to arbitrary files, potentially leading to data breaches and privacy violations. Users of affected versions are advised to update their browsers to the latest version to mitigate risks associated with this vulnerability.",Samsung,Samsung Internet Browser,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-08-05T15:13:15.000Z,0
CVE-2022-30740,https://securityvulnerability.io/vulnerability/CVE-2022-30740,Improper Auto-Fill Algorithm in Samsung Internet Browser,"A vulnerability exists in Samsung Internet prior to version 17.0.1.69, where an improper auto-fill algorithm can be exploited by physical attackers. This flaw permits unauthorized individuals to guess and access stored credit card numbers, potentially leading to financial fraud and data breaches. Users are urged to update their Samsung Internet browser to enhance their security against such attacks.",Samsung,Samsung Internet,4.1,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-06-07T18:18:04.000Z,0
CVE-2022-30738,https://securityvulnerability.io/vulnerability/CVE-2022-30738,Address Bar Spoofing Vulnerability in Samsung Internet Browser,"A security flaw in the Loader component of Samsung Internet allows attackers to manipulate the address bar. By executing malicious scripts, an attacker can create a deceptive user interface that misleads users into thinking they are interacting with a legitimate website. This vulnerability poses risks for users by potentially exposing them to phishing attacks and other malicious activities.",Samsung,Samsung Internet,4.3,MEDIUM,0.000910000002477318,false,,false,false,false,,,false,false,,2022-06-07T18:17:15.000Z,0
CVE-2022-27839,https://securityvulnerability.io/vulnerability/CVE-2022-27839,Improper Authentication Vulnerability in Samsung Internet,"An improper authentication vulnerability exists in SecretMode of Samsung Internet prior to version 16.2.1, enabling attackers to gain unauthorized access to the bookmark tab. This flaw allows attackers to view sensitive information stored within bookmarks, posing significant risks to user privacy and data security.",Samsung,Samsung Internet,3.3,LOW,0.0005499999970197678,false,,false,false,false,,,false,false,,2022-04-11T19:37:31.000Z,0
CVE-2022-22290,https://securityvulnerability.io/vulnerability/CVE-2022-22290,Domain Spoofing in Samsung Internet Browser,"The Samsung Internet browser is affected by a vulnerability that allows attackers to exploit an incorrect download source UI. This flaw enables domain spoofing via a specially crafted HTML page, which can mislead users into believing they are interacting with legitimate content. As a result, attackers can potentially harvest sensitive information or execute malicious actions unbeknownst to the user. Users are advised to update to version 16.0.6.23 or later to mitigate this security risk.",Samsung,Samsung Internet,6.5,MEDIUM,0.0009399999980814755,false,,false,false,false,,,false,false,,2022-01-14T19:11:37.000Z,0
CVE-2022-22284,https://securityvulnerability.io/vulnerability/CVE-2022-22284,Improper Authentication in Samsung Internet Browser,"An improper authentication vulnerability exists in Samsung Internet prior to version 16.0.2.19, enabling attackers to bypass password protection for the secret mode. This flaw could allow unauthorized access to sensitive information stored within the browser’s secret mode, posing risks to user privacy and security.",Samsung,Samsung Internet,5.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-01-10T14:12:00.000Z,0
CVE-2021-25521,https://securityvulnerability.io/vulnerability/CVE-2021-25521,Insecure Caller Check in Samsung Internet Affects Mobile Browsing Security,"A vulnerability has been identified in the Samsung Internet browser prior to version 16.0.2 that allows untrusted applications to access the current tab's URL. This issue stems from insufficient security checks in the sharevia deeplink logic, posing a risk of unintended information disclosure. Users of affected versions should update their browser to enhance security and protect against potential exploitation.",Samsung,Samsung Internet,4,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-12-08T14:20:21.000Z,0
CVE-2021-25520,https://securityvulnerability.io/vulnerability/CVE-2021-25520,Insecure Input Validation in Samsung Internet by Samsung,"A security flaw exists in the input validation logic of the SearchKeyword deeplink in Samsung Internet. This vulnerability allows untrusted applications to execute script code within the browser, potentially compromising user data and security. Users are advised to ensure their version of Samsung Internet is updated to 16.0.2 or later to mitigate these risks.",Samsung,Samsung Internet,5.9,MEDIUM,0.000910000002477318,false,,false,false,false,,,false,false,,2021-12-08T14:20:15.000Z,0
CVE-2021-25466,https://securityvulnerability.io/vulnerability/CVE-2021-25466,Improper Scheme Check in Samsung Internet Browser,"An improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 enables attackers to execute a man-in-the-middle attack. This security flaw allows unauthorized access to sensitive information, such as the Samsung Account token, potentially compromising user accounts and data integrity.",Samsung,Samsung Internet,6.5,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2021-09-09T18:05:33.000Z,0
CVE-2021-25445,https://securityvulnerability.io/vulnerability/CVE-2021-25445,Unprotected Component Flaw in Samsung Internet by Samsung,"A vulnerability exists in Samsung Internet that permits unauthorized applications to gain access to internal files, potentially compromising user data and application integrity. This flaw affects versions prior to 14.2, highlighting a significant risk for users who have not updated their browsers. To protect sensitive information and maintain optimal security hygiene, users are encouraged to upgrade to the latest version. For further details, visit the official Samsung security page.",Samsung,Samsung Internet,5.3,MEDIUM,0.001019999966956675,false,,false,false,false,,,false,false,,2021-08-05T19:43:40.000Z,0
CVE-2021-25418,https://securityvulnerability.io/vulnerability/CVE-2021-25418,,Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition.,Samsung,Samsung Internet,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-06-11T14:33:45.000Z,0
CVE-2021-25419,https://securityvulnerability.io/vulnerability/CVE-2021-25419,,Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phising URL link.,Samsung,Samsung Internet,6.5,MEDIUM,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-06-11T14:33:45.000Z,0
CVE-2021-25366,https://securityvulnerability.io/vulnerability/CVE-2021-25366,,Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication.,Samsung,Samsung Internet,3.2,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-03-25T16:14:25.000Z,0
CVE-2021-25354,https://securityvulnerability.io/vulnerability/CVE-2021-25354,,Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via malicious deeplink.,Samsung,Samsung Internet,3.3,LOW,0.0005200000014156103,false,,false,false,false,,,false,false,,2021-03-25T16:13:14.000Z,0
CVE-2021-25348,https://securityvulnerability.io/vulnerability/CVE-2021-25348,,Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without authorized STORAGE permission.,Samsung,Samsung Internet,2.1,LOW,0.0005600000149570405,false,,false,false,false,,,false,false,,2021-03-04T21:07:19.000Z,0
CVE-2018-10496,https://securityvulnerability.io/vulnerability/CVE-2018-10496,,This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Internet Browser Fixed in version 6.4.0.15. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TypedArray objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5326.,Samsung,Samsung Internet Browser,8.8,HIGH,0.016499999910593033,false,,false,false,false,,,false,false,,2018-09-24T23:29:00.000Z,0