CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Samsung Galaxy Apps before 4.4.01.7 allows modification of the hostname used for load balancing on installations of applications through a man-in-the-middle attack. An attacker may trick Galaxy Apps into using an arbitrary hostname for which the attacker can provide a valid SSL certificate, and...

8.1CVSS7.4AI score0.00973EPSS

Exploits1References1

CNNVD•added 2022/04/12 12:0 a.m.•2 views

Samsung Galaxy S21 输入验证错误漏洞

SAMSUNG Galaxy Apps is a pre-installed application store program for Samsung mobile devices from Samsung South Korea. An input validation error vulnerability exists in Samsung Galaxy S21 versions prior to 4.5.40.5. An attacker can exploit the vulnerability to execute arbitrary code...

3.9CVSS5.5AI score0.00098EPSS

Exploits0References4

CNVD•added 2019/06/12 12:0 a.m.•3 views

Samsung Galaxy Apps Trust Management Issue Vulnerability

Samsung Galaxy Apps is a pre-installed application store program for Samsung mobile devices from Samsung South Korea. A security vulnerability exists in Samsung Galaxy Apps versions prior to 4.4.01.7. An attacker can exploit the vulnerability to modify the hostname to mimic the app store's API,...

8.1CVSS6.7AI score0.00973EPSS

Exploits1References1

OSV•added 2019/06/07 4:29 p.m.•1 views

CVE-2018-20135

8.1CVSS6AI score0.00973EPSS

Exploits1References2

NVD•added 2019/06/07 4:29 p.m.•17 views

CVE-2018-20135

8.1CVSS8.2AI score0.00973EPSS

Exploits1References2

Prion•added 2019/06/07 4:29 p.m.•16 views

Design/Logic Flaw

6.8CVSS8.2AI score0.00973EPSS

Exploits1References2Affected Software1

Cvelist•added 2019/06/07 3:45 p.m.•17 views

CVE-2018-20135

8.2AI score0.00973EPSS

Exploits1References2

CVE•added 2019/06/07 3:45 p.m.•74 views

CVE-2018-20135

Samsung Galaxy Apps before 4.4.01.7 is vulnerable: an MITM-empowered attacker can cause the app store API to use a forged load-balancing hostname and bypass app-signature validation, enabling remote code execution on the device. Core issues include an HTTP method that obtains the load-balanced ho...

8.1CVSS8.1AI score0.00973EPSS

Exploits1References2Affected Software1

NVD•added 2018/09/24 11:29 p.m.•10 views

CVE-2018-10502

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

7.8CVSS7.7AI score0.00046EPSS

Exploits0References1

OSV•added 2018/09/24 11:29 p.m.•0 views

CVE-2018-10502

7.8CVSS6AI score0.00046EPSS

Exploits0References1

NVD•added 2018/09/24 11:29 p.m.•9 views

CVE-2018-10500

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

7CVSS7AI score0.00046EPSS

Exploits0References1

Prion•added 2018/09/24 11:29 p.m.•11 views

Design/Logic Flaw

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

4.4CVSS6.9AI score0.00077EPSS

Exploits0References1Affected Software1

Prion•added 2018/09/24 11:29 p.m.•12 views

Design/Logic Flaw

4.4CVSS6.9AI score0.00046EPSS

Exploits0References1Affected Software1

NVD•added 2018/09/24 11:29 p.m.•13 views

CVE-2018-10499

7CVSS7AI score0.00077EPSS

Exploits0References1

OSV•added 2018/09/24 11:29 p.m.•1 views

CVE-2018-10499