Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samsung galaxy store vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-21433
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local malicious users to install applications from Galaxy Store.
Samsung Galaxy Store
8.8
CVSSv3
CVE-2023-21514
Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows malicious users to execute javascript API to install APK from Galaxy Store.
Samsung Galaxy Store
5.5
CVSSv3
CVE-2022-28542
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local malicious users to access privileged content providers as Galaxy Store permission.
Samsung Galaxy Store
7.8
CVSSv3
CVE-2022-28776
Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows malicious user to install applications from Galaxy Store without user interactions.
Samsung Galaxy Store
5.5
CVSSv3
CVE-2022-28544
Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows malicious user to access the file of Galaxy store.
Samsung Galaxy Store
5.5
CVSSv3
CVE-2022-28791
Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows malicious user to overwrite files stored in a specific path. The patch adds proper protection to prevent overwrite to existing files.
Samsung Galaxy Store
7.5
CVSSv3
CVE-2022-22288
Improper authorization vulnerability in Galaxy Store before 4.5.36.5 allows remote app installation of the allowlist.
Samsung Galaxy Store
2 Github repositories
9.8
CVSSv3
CVE-2023-42580
Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows malicious users to execute JavaScript API to install APK from Galaxy Store.
Samsung Galaxy Store
7.5
CVSSv3
CVE-2023-42581
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows malicious users to execute JavaScript API to access data.
Samsung Galaxy Store
7.8
CVSSv3
CVE-2022-33709
Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local malicious users to launch activities as Galaxy Store privilege.
Samsung Galaxy Store
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »