Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Internet
(Samsung)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 23 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-08-05 | CVE-2021-25445 | Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet. | Internet | 5.3 | ||
| 2021-09-09 | CVE-2021-25466 | Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Account token. | Internet | 5.9 | ||
| 2021-12-08 | CVE-2021-25521 | Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet. | Internet | 3.3 | ||
| 2021-12-08 | CVE-2021-25520 | Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet. | Internet | 6.1 | ||
| 2022-01-10 | CVE-2022-22284 | Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication | Internet | 5.5 | ||
| 2022-01-14 | CVE-2022-22290 | Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page. | Internet | 6.5 | ||
| 2022-04-11 | CVE-2022-27839 | Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab without proper credentials. | Internet | 4.0 | ||
| 2022-06-07 | CVE-2022-30738 | Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script. | Internet | 4.3 | ||
| 2022-06-07 | CVE-2022-30740 | Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers. | Internet | 4.3 | ||
| 2022-10-07 | CVE-2022-39873 | Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication. | Internet | 4.6 |