Samsung Quick Share vulnerabilities

5 known vulnerabilities affecting samsung/quick_share.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3LOW2

Vulnerabilities

Page 1 of 1
CVE-2024-49421MEDIUMCVSS 4.3fixed in 3.5.19.41fixed in 3.5.19.42+1 more2024-12-03
CVE-2024-49421 [MEDIUM] CWE-22 CVE-2024-49421: Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 1 Path traversal in Quick Share Agent prior to version 3.5.14.47 in Android 12, 3.5.19.41 in Android 13, and 3.5.19.42 in Android 14 allows adjacent attackers to write file in arbitrary location.
nvd
CVE-2023-42544MEDIUMCVSS 5.5fixed in 13.5.52.02023-11-07
CVE-2023-42544 [MEDIUM] CVE-2023-42544: Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to acc Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to access local files.
nvd
CVE-2023-21462LOWCVSS 3.3fixed in 3.5.14.18fixed in 3.5.16.202023-03-16
CVE-2023-21462 [MEDIUM] CWE-215 CVE-2023-21462: The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission.
nvd
CVE-2022-39860LOWCVSS 3.5fixed in 13.2.3.52022-10-07
CVE-2022-39860 [MEDIUM] CWE-284 CVE-2022-39860: Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to ac Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast.
nvd
CVE-2022-30745MEDIUMCVSS 5.5fixed in 13.1.2.42022-06-07
CVE-2022-30745 [MEDIUM] CWE-284 CVE-2022-30745: Improper access control vulnerability in Quick Share prior to version 13.1.2.4 allows attacker to ac Improper access control vulnerability in Quick Share prior to version 13.1.2.4 allows attacker to access internal files in Quick Share.
nvd