Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
galaxy app vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2015-0863
GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) prior to 14120405.03.012 allows man-in-the-middle malicious users to obtain sensitive information and execute arbitrary code.
Samsung Samsung Account App -
Samsung Galaxy App -
8
CVSSv3
CVE-2015-0864
Samsung Account (AKA com.osp.app.signin) prior to 1.6.0069 and 2.x prior to 2.1.0069 allows man-in-the-middle malicious users to obtain sensitive information and execute arbitrary code.
Samsung Galaxy App -
Samsung Samsung Account App -
7.5
CVSSv3
CVE-2022-22288
Improper authorization vulnerability in Galaxy Store before 4.5.36.5 allows remote app installation of the allowlist.
Samsung Galaxy Store
2 Github repositories
8.8
CVSSv3
CVE-2020-35693
On some Samsung phones and tablets running Android up to and including 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on,...
Google Android
1 Github repository
5.4
CVSSv3
CVE-2021-37534
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.
Misp Misp 2.4.146
5.4
CVSSv3
CVE-2021-37742
app/View/Elements/GalaxyClusters/view_relation_tree.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster relationships.
Misp Misp 2.4.147
5.4
CVSSv3
CVE-2021-37743
app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format.
Misp Misp 2.4.147
6.1
CVSSv3
CVE-2021-25324
MISP 2.4.136 has Stored XSS in the galaxy cluster view via a cluster name to app/View/GalaxyClusters/view.ctp.
Misp Misp 2.4.136
6.1
CVSSv3
CVE-2021-25325
MISP 2.4.136 has XSS via galaxy cluster element values to app/View/GalaxyElements/ajax/index.ctp. Reference types could contain javascript: URLs.
Misp Misp 2.4.136
4.3
CVSSv3
CVE-2013-4764
Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send arbitrary SMS texts to arbitrary destinations without permission.
Samsung Galaxy S3 Firmware 1.0
Samsung Galaxy S4 Firmware 1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »