Show filters
80 Total Results
Displaying 11-20 of 80
Sort by:
Attacker Value
Unknown
CVE-2023-42581
Disclosure Date: December 05, 2023 (last updated December 13, 2023)
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.
0
Attacker Value
Unknown
CVE-2023-42580
Disclosure Date: December 05, 2023 (last updated December 13, 2023)
Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.
0
Attacker Value
Unknown
CVE-2023-30705
Disclosure Date: August 10, 2023 (last updated October 08, 2023)
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.
0
Attacker Value
Unknown
CVE-2023-21516
Disclosure Date: May 26, 2023 (last updated October 08, 2023)
XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
0
Attacker Value
Unknown
CVE-2023-21515
Disclosure Date: May 26, 2023 (last updated October 08, 2023)
InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
0
Attacker Value
Unknown
CVE-2023-21514
Disclosure Date: May 26, 2023 (last updated October 08, 2023)
Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
0
Attacker Value
Unknown
CVE-2022-1230
Disclosure Date: March 28, 2023 (last updated October 08, 2023)
This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of redirections. An attacker can force a redirection to a site that serves malicious content. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the current user. Was ZDI-CAN-15918.
0
Attacker Value
Unknown
CVE-2023-21434
Disclosure Date: February 09, 2023 (last updated October 08, 2023)
Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.
0
Attacker Value
Unknown
CVE-2023-21433
Disclosure Date: February 09, 2023 (last updated October 08, 2023)
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
0
Attacker Value
Unknown
CVE-2022-33710
Disclosure Date: July 12, 2022 (last updated February 24, 2025)
Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
0
