Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Account
(Samsung)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 23 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-11-07 | CVE-2023-42540 | Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent. | Account | 5.5 | ||
| 2024-03-05 | CVE-2024-20841 | Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows local attackers to access data. | Account | 5.5 | ||
| 2021-03-25 | CVE-2021-25350 | Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. | Account | 3.9 | ||
| 2021-03-25 | CVE-2021-25351 | Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password. | Account | 2.4 | ||
| 2021-04-09 | CVE-2021-25381 | Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | Account | 7.8 | ||
| 2021-06-11 | CVE-2021-25403 | Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component. | Account | 3.3 | ||
| 2022-06-07 | CVE-2022-30732 | Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult. | Account | 7.5 | ||
| 2022-06-07 | CVE-2022-30733 | Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission. | Account | 5.3 | ||
| 2022-06-07 | CVE-2022-30735 | Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without permission. | Account | 7.5 | ||
| 2022-06-07 | CVE-2022-30734 | Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission. | Account | 5.3 |