Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy...
5.1CVSS
6.8AI Score
0.0004EPSS
Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit...
5.5CVSS
5.2AI Score
0.001EPSS
Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit...
5.5CVSS
5.2AI Score
0.001EPSS
Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit...
5.5CVSS
5.2AI Score
0.001EPSS
Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit...
5.5CVSS
5.2AI Score
0.001EPSS
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access...
7.5CVSS
7.6AI Score
0.001EPSS
Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy...
9.8CVSS
9.4AI Score
0.001EPSS
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store...
6.8CVSS
5.3AI Score
0.0004EPSS
InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy...
8.8CVSS
8.7AI Score
0.001EPSS
XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy...
9.6CVSS
9AI Score
0.001EPSS
Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy...
8.8CVSS
8.8AI Score
0.001EPSS
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy...
7.8CVSS
7.4AI Score
0.0004EPSS
Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web...
6.2CVSS
6.3AI Score
0.001EPSS
Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store...
7.8CVSS
7.4AI Score
0.0004EPSS
Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store...
7.8CVSS
7.4AI Score
0.0004EPSS
Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store...
7.8CVSS
7.4AI Score
0.0004EPSS
Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. The patch adds proper protection to prevent overwrite to existing...
6.2CVSS
5.4AI Score
0.0004EPSS
Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy...
6.2CVSS
5.4AI Score
0.0004EPSS
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store...
6.8CVSS
5.3AI Score
0.0004EPSS
Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker to install applications from Galaxy Store without user...
7.8CVSS
7.5AI Score
0.0004EPSS
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app installation of the...
7.5CVSS
7.5AI Score
0.001EPSS
Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy...
7.1CVSS
5.4AI Score
0.0004EPSS
Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. An attacker may trick Galaxy Apps into using an arbitrary hostname for which the attacker can provide a valid SSL certificate, and...
8.1CVSS
8.1AI Score
0.003EPSS