Samsung

Galaxy Store

26 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-42580

  • EPSS 0.37%
  • Published 05.12.2023 03:15:19
  • Last modified 21.11.2024 08:22:49

Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.

5.5

CVE-2023-30705

  • EPSS 0.05%
  • Published 10.08.2023 02:15:12
  • Last modified 21.11.2024 08:00:43

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.

9.6

CVE-2023-21516

  • EPSS 0.36%
  • Published 26.05.2023 22:15:14
  • Last modified 21.11.2024 07:42:59

XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

8.8

CVE-2023-21515

  • EPSS 0.18%
  • Published 26.05.2023 22:15:14
  • Last modified 21.11.2024 07:42:59

InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

8.8

CVE-2023-21514

  • EPSS 0.14%
  • Published 26.05.2023 22:15:14
  • Last modified 21.11.2024 07:42:59

Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

6.1

CVE-2023-21434

  • EPSS 10.46%
  • Published 09.02.2023 19:15:15
  • Last modified 21.11.2024 07:42:51

Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.

7.8

CVE-2023-21433

  • EPSS 2.64%
  • Published 09.02.2023 19:15:15
  • Last modified 21.11.2024 07:42:51

Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.

7.8

CVE-2022-33710

  • EPSS 0.03%
  • Published 12.07.2022 14:15:18
  • Last modified 21.11.2024 07:08:22

Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.

7.8

CVE-2022-33709

  • EPSS 0.03%
  • Published 12.07.2022 14:15:18
  • Last modified 21.11.2024 07:08:22

Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.

7.8

CVE-2022-33708

  • EPSS 0.03%
  • Published 12.07.2022 14:15:18
  • Last modified 21.11.2024 07:08:22

Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.