Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
galaxy app vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2015-0863
GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) prior to 14120405.03.012 allows man-in-the-middle malicious users to obtain sensitive information and execute arbitrary code.
Samsung Samsung Account App -
Samsung Galaxy App -
8
CVSSv3
CVE-2015-0864
Samsung Account (AKA com.osp.app.signin) prior to 1.6.0069 and 2.x prior to 2.1.0069 allows man-in-the-middle malicious users to obtain sensitive information and execute arbitrary code.
Samsung Galaxy App -
Samsung Samsung Account App -
7.5
CVSSv3
CVE-2022-22288
Improper authorization vulnerability in Galaxy Store before 4.5.36.5 allows remote app installation of the allowlist.
Samsung Galaxy Store
2 Github repositories
8.8
CVSSv3
CVE-2020-35693
On some Samsung phones and tablets running Android up to and including 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on,...
Google Android
1 Github repository
5.4
CVSSv3
CVE-2021-37534
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.
Misp Misp 2.4.146
5.4
CVSSv3
CVE-2021-37742
app/View/Elements/GalaxyClusters/view_relation_tree.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster relationships.
Misp Misp 2.4.147
6.1
CVSSv3
CVE-2021-25324
MISP 2.4.136 has Stored XSS in the galaxy cluster view via a cluster name to app/View/GalaxyClusters/view.ctp.
Misp Misp 2.4.136
5.4
CVSSv3
CVE-2021-37743
app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format.
Misp Misp 2.4.147
6.1
CVSSv3
CVE-2021-25325
MISP 2.4.136 has XSS via galaxy cluster element values to app/View/GalaxyElements/ajax/index.ctp. Reference types could contain javascript: URLs.
Misp Misp 2.4.136
7.5
CVSSv3
CVE-2020-8893
An issue exists in MISP prior to 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp.
Misp Misp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »