Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Galaxy_store
(Samsung)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 21 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-02-06 | CVE-2024-20822 | Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | Galaxy_store | 5.5 | ||
2024-02-06 | CVE-2024-20823 | Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | Galaxy_store | 5.5 | ||
2024-02-06 | CVE-2024-20824 | Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | Galaxy_store | 5.5 | ||
2024-02-06 | CVE-2024-20825 | Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | Galaxy_store | 5.5 | ||
2023-12-05 | CVE-2023-42580 | Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store. | Galaxy_store | 9.8 | ||
2023-08-10 | CVE-2023-30705 | Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission. | Galaxy_store | 5.5 | ||
2022-04-11 | CVE-2022-28776 | Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user interactions. | Galaxy_store | 7.8 | ||
2022-01-10 | CVE-2022-22288 | Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist. | Galaxy_store | 7.5 | ||
2023-05-26 | CVE-2023-21514 | Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | Galaxy_store | 8.8 | ||
2023-05-26 | CVE-2023-21515 | InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store. | Galaxy_store | 8.8 |