Galaxy Store

galaxy_store

Vendor: Samsung • 31 CVEs

CVEs (31)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-21434 1Samsung 1Galaxy Store Nov 21, 2024 Feb 9, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.
CVE-2023-21433 1Samsung 1Galaxy Store Nov 21, 2024 Feb 9, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
CVE-2022-33710 1Samsung 1Galaxy Store Nov 21, 2024 Jul 12, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
CVE-2022-33709 1Samsung 1Galaxy Store Nov 21, 2024 Jul 12, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
CVE-2022-33708 1Samsung 1Galaxy Store Nov 21, 2024 Jul 12, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
CVE-2022-28791 1Samsung 1Galaxy Store Nov 21, 2024 May 3, 2022 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. The patch adds proper protection to prevent overwrite to exi...Show more Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. The patch adds proper protection to prevent overwrite to existing files.Show less
CVE-2022-28776 1Samsung 1Galaxy Store Nov 21, 2024 Apr 11, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user interactions.
CVE-2022-28544 1Samsung 1Galaxy Store Nov 21, 2024 Apr 11, 2022 N/A· v4 5.5 MEDIUM· v3 5.0 MEDIUM· v2 Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy store.
CVE-2022-28542 1Samsung 1Galaxy Store Nov 21, 2024 Apr 11, 2022 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission.
CVE-2022-22288 1Samsung 1Galaxy Store Nov 21, 2024 Jan 10, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the allowlist.
CVE-2021-25499 1Samsung 1Galaxy Store Nov 21, 2024 Oct 6, 2021 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store.

Previous 12