Security Vulnerabilities
- CVEs Published In February 2022
Information disclosure vulnerability in Edge Panel prior to Android S(12) allows physical attackers to access a screenshot in the clipboard via Edge Panel.
Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers to open protected activity via PreconditionActivity.
Exposure of Sensitive Information vulnerability in Bixby Vision prior to version 3.7.50.6 allows attackers to access internal data of Bixby Vision via unprotected intent.
Improper access control vulnerability in Samsung SearchWidget prior to version 2.3.00.6 in China models allows untrusted applications to load arbitrary URLs and local files in a webview.
Improper access control in LiveWallpaperService prior to version 3.0.9.0 allows creation of a specific named system directory without a proper permission.
Improper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denial of service attack on a victim's devices.
Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger an XSS on a victim's devices.
Improper privilege management vulnerability in Samsung Video Player prior to version 7.3.15.30 allows attackers to execute video files without permission.
A null source pointer passed as an argument to the memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to a Denial of Service via a crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712.
A null source pointer passed as an argument to the memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to a Denial of Service via a crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c.