Show filters
24 Total Results
Displaying 1-10 of 24
Sort by:
Attacker Value
Unknown

CVE-2025-20895

Disclosure Date: February 04, 2025 (last updated February 04, 2025)
Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard.
0
0
Attacker Value
Unknown

CVE-2024-34601

Disclosure Date: July 02, 2024 (last updated January 07, 2025)
Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-20870

Disclosure Date: May 07, 2024 (last updated May 07, 2024)
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy Store.
0
0
Attacker Value
Unknown

CVE-2024-20825

Disclosure Date: February 06, 2024 (last updated February 10, 2024)
Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-20824

Disclosure Date: February 06, 2024 (last updated February 10, 2024)
Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-20823

Disclosure Date: February 06, 2024 (last updated February 10, 2024)
Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-20822

Disclosure Date: February 06, 2024 (last updated February 10, 2024)
Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-42581

Disclosure Date: December 05, 2023 (last updated December 13, 2023)
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-42580

Disclosure Date: December 05, 2023 (last updated December 13, 2023)
Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-30705

Disclosure Date: August 10, 2023 (last updated October 08, 2023)
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
View More Topics  Next >