Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2022
CVE-2022-22702
PartKeepr versions up to v1.4.0, in the functionality to upload attachments using a URL when creating a part does not validate that requests can be made to local ports, allowing an authenticated user to carry out SSRF attacks and port enumeration.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-01-10
CVE-2022-22288
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-01-10
CVE-2022-22289
Improper access control vulnerability in S Assistant prior to version 7.5 allows attacker to remotely get senstive information.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-01-10
CVE-2022-22287
Abitrary file access vulnerability in Samsung Email prior to 6.1.60.16 allows attacker to read isolated data in sandbox.
CVSS Score
3.9
EPSS Score
0.001
Published
2022-01-10
CVE-2022-22286
A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent.
CVSS Score
4.4
EPSS Score
0.001
Published
2022-01-10
CVE-2022-22284
Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication
CVSS Score
5.7
EPSS Score
0.001
Published
2022-01-10
CVE-2022-22285
A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifying the intent.
CVSS Score
4.4
EPSS Score
0.001
Published
2022-01-10
CVE-2022-22283
Improper session management vulnerability in Samsung Health prior to 6.20.1.005 prevents logging out from Samsung Health App.
CVSS Score
2.8
EPSS Score
0.001
Published
2022-01-10
CVE-2022-22272
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission
CVSS Score
4.0
EPSS Score
0.0
Published
2022-01-10
CVE-2022-22271
A missing input validation before memory copy in TIMA trustlet prior to SMR Jan-2022 Release 1 allows attackers to copy data from arbitrary memory.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-01-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved