CVE-2022-39909

MEDIUM Year: 2022
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-345
View all →

Vulnerability Description

Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link.

Related Vulnerabilities

CVE-2019-10157

MEDIUM
CVSS:5.5(Medium)

It was found that Keycloak's Node.js adapter before version 4.8.3 did not properly verify the web token received from the server in its backchannel logout . An attacker with local access could use thi...

CWE-3452019

CVE-2020-14122

MEDIUM
CVSS:5.5(Medium)

Some Xiaomi phones have information leakage vulnerabilities, and some of them may be able to forge a specific identity due to the lack of parameter verification, resulting in user information leakage.

CWE-3452020

CVE-2020-23906

MEDIUM
CVSS:5.5(Medium)

FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.

CWE-3452020

CVE-2020-9885

MEDIUM
CVSS:5.5(Medium)

An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchO...

CWE-3452020

CVE-2021-22419

MEDIUM
CVSS:5.5(Medium)

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos.

CWE-3452021

CVE-2021-22460

MEDIUM
CVSS:5.5(Medium)

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism.

CWE-3452021