Shodan
Vulnerabilities
Vulnerable Software
Samsung:  Security Vulnerabilities
CVE-2022-40280
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_close after sqlite3_open_v2, leading to a denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-08
CVE-2022-40281
An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-08
CVE-2022-39828
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-05
CVE-2022-39829
There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-05
CVE-2022-39830
sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-05
CVE-2022-36621
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-01
CVE-2022-36622
Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-01
CVE-2022-38155
TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-08-11
CVE-2022-36833
Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name.
CVSS Score
7.3
EPSS Score
0.001
Published
2022-08-05
CVE-2022-36834
Exposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user interaction.
CVSS Score
3.3
EPSS Score
0.001
Published
2022-08-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved