Search
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-42580 | 1 Samsung | 1 Galaxy Store | 2023-12-12 | N/A | 9.8 CRITICAL |
| Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store. | |||||
| CVE-2023-42581 | 1 Samsung | 1 Galaxy Store | 2023-12-12 | N/A | 7.5 HIGH |
| Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data. | |||||
| CVE-2023-30705 | 1 Samsung | 1 Galaxy Store | 2023-08-15 | N/A | 5.5 MEDIUM |
| Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission. | |||||
| CVE-2022-28791 | 1 Samsung | 1 Galaxy Store | 2022-05-11 | 2.1 LOW | 5.5 MEDIUM |
| Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. The patch adds proper protection to prevent overwrite to existing files. | |||||
| CVE-2022-22288 | 1 Samsung | 1 Galaxy Store | 2022-01-19 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist. | |||||
| CVE-2021-25499 | 1 Samsung | 1 Galaxy Store | 2021-10-14 | 2.1 LOW | 5.5 MEDIUM |
| Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store. | |||||