CVE-2019-20623

An issue was discovered on Samsung mobile devices with N7.1, O8.x, and P9.0 software. Gallery has uninitialized memory disclosure. The Samsung ID is SVE-2018-13060 February 2019...

EUVD-2025-33811

Identity authentication bypass vulnerability in the Gallery app. Successful exploitation of this vulnerability may affect service confidentiality...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An authentication bypass vulnerability exists in the Huawei HarmonyOS Gallery app, which can be exploited by an attacker to compromise service confidentialit...

EUVD-2020-20804

Malware in sbrugna...

EUVD-2019-11163

Malware in sbrugna...

EUVD-2018-3540

Malware in sbrugna...

EUVD-2016-10272

Malware in sbrugna...

CVE-2024-51527

Permission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2021-25379

Intent redirection vulnerability in Gallery prior to version 5.4.16.1 allows attacker to execute privileged action...

CVE-2020-28342

An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 China / India software. The S Secure application allows attackers to bypass authentication for a locked Gallery application via the Reminder application. The Samsung ID is SVE-2020-18689 November 2020...

Huawei HarmonyOS和EMUI 安全漏洞

Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei Huawei.Huawei EMUI is a mobile operating system based on Android development.Huawei HarmonyOS is an operating system. Provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS and...

CVE-2023-31225

The Gallery app has the risk of hijacking attacks. Successful exploitation of this vulnerability may cause download failures and affect product availability...

CVE-2020-28342

Technical details are not publicly available in the provided documents; no information on affected products, components, or fixes beyond the generic description. Monitor for updates.

Nextcloud server improper authorization vulnerability

Nextcloud is a client-server software suite for creating network hard disks. An improper authorization vulnerability exists in Nextcloud Server 17.0.0. An attacker can exploit the vulnerability to cause preview and file disclosure when opening a file to place a share link via the Gallery...

CVE-2018-11511

The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the ‘albumid’ or ‘scope’ parameter via a photo-gallery/api/album/treelists/ URI. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

Nextcloud: Stored XSS in Gallery application (NC-SA-2017-010)

Stored XSS in Gallery application NC-SA-2017-010 Risk level: Low CVSS v3 Base Score: 3 AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N CWE: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' CWE-79 Description A JavaScript library used by Nextcloud for sanitizing untrusted...

Nextcloud Multiple Vulnerabilities - Linux

Nextcloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nextcloud:nextcloudserver"; if...

Cross site scripting

Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. The gallery app was not properly sanitizing exception messages from the Nextcloud/ownCloud server. Due to an endpoint where an attacker could influence the error message,...

Reflected XSS in Gallery application - ownCloud

The gallery app was not properly sanitizing exception messages from the ownCloud server. Due to an endpoint where an attacker could influence the error message this lead to a reflected Cross-Site-Scripting vulnerability. Affected Software ownCloud Server 9.1.2 CVE-2016-????...

Nextcloud 'share.js' Gallery Application XSS Vulnerability - Linux

Nextcloud is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...