Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
galaxy app vulnerabilities and exploits
(subscribe to this query)
7.9
CVSSv2
CVE-2015-0863
GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) prior to 14120405.03.012 allows man-in-the-middle malicious users to obtain sensitive information and execute arbitrary code.
Samsung Samsung Account App -
Samsung Galaxy App -
7.9
CVSSv2
CVE-2015-0864
Samsung Account (AKA com.osp.app.signin) prior to 1.6.0069 and 2.x prior to 2.1.0069 allows man-in-the-middle malicious users to obtain sensitive information and execute arbitrary code.
Samsung Galaxy App -
Samsung Samsung Account App -
5
CVSSv2
CVE-2022-22288
Improper authorization vulnerability in Galaxy Store before 4.5.36.5 allows remote app installation of the allowlist.
Samsung Galaxy Store
2 Github repositories
5.4
CVSSv2
CVE-2020-35693
On some Samsung phones and tablets running Android up to and including 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on,...
Google Android
1 Github repository
3.5
CVSSv2
CVE-2021-37534
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.
Misp Misp 2.4.146
3.5
CVSSv2
CVE-2021-37742
app/View/Elements/GalaxyClusters/view_relation_tree.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster relationships.
Misp Misp 2.4.147
3.5
CVSSv2
CVE-2021-37743
app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format.
Misp Misp 2.4.147
4.3
CVSSv2
CVE-2021-25324
MISP 2.4.136 has Stored XSS in the galaxy cluster view via a cluster name to app/View/GalaxyClusters/view.ctp.
Misp Misp 2.4.136
4.3
CVSSv2
CVE-2021-25325
MISP 2.4.136 has XSS via galaxy cluster element values to app/View/GalaxyElements/ajax/index.ctp. Reference types could contain javascript: URLs.
Misp Misp 2.4.136
5
CVSSv2
CVE-2020-8893
An issue exists in MISP prior to 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp.
Misp Misp
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28254
CVE-2024-32515
CVE-2024-21338
validation
CVE-2024-32522
dos
CVE-2024-2101
CVE-2024-21107
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »