CVE-2026-21002

Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application...

CVE-2026-21002

Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application...

SAMSUNG Galaxy Store 安全漏洞

SAMSUNG Galaxy Store is an application store owned by South Korean company Samsung. Versions of SAMSUNG Galaxy Store prior to version 4.6.03.8 contained security vulnerabilities. These vulnerabilities stemmed from improper encryption signature verification, which could allow local attackers to...

CVE-2024-34598

Improper export of component in GoodLock prior to version 2.2.04.95 allows local attackers to install arbitrary applications from Galaxy Store...

CVE-2024-22092

in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action...

CVE-2024-22092 Bundlemanager has an authentication bypass vulnerability

in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action...

CVE-2023-21433

Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store...

Xiaomi Mi App Store Open Redirect Vulnerability

A security vulnerability exists in Xiaomi Mi App Store, an app store of Xiaomi, a Chinese company. The vulnerability is due to the Xiaomi App Store not verifying the validity of incoming data, which could be exploited by an attacker to cause the app store to automatically download and install app...

CVE-2020-14118

An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps...

PT-2022-2299 · Cisco · Cisco Iox +1

Name of the Vulnerable Software and Affected Versions: Cisco IOx affected versions not specified Description: The issue exists due to incorrect restriction of the directory path name with limited access. An attacker could inject arbitrary commands into the underlying host operating system, execut...

Samsung SMR 输入验证错误漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in versions prior to Samsung SMR APR-2021 Release 1, which allows an unprivileged application to install arbitrary applications, grant device...

Unspecified Vulnerability in Deskpro (CNVD-2020-22253)

Deskpro is a helpdesk software solution that helps companies manage communication with their customers and user base across multiple channels. A security vulnerability exists in Deskpro. An attacker could exploit the vulnerability to be able to control/install helpdesk applications and disclose t...

Samsung S7 Edge Access Control Error Vulnerability

Samsung S7 Edge is a smartphone from the South Korean company Samsung Samsung. An access control error vulnerability exists in Samsung S7 Edge. The vulnerability stems from the network system or product not properly restricting access to resources from unauthorized roles. An attacker could exploi...

Samsung J6 Access Control Error Vulnerability

The Samsung J6 is a smartphone from the South Korean company Samsung Samsung. An access control error vulnerability exists in the Samsung J6. The vulnerability stems from the network system or product not properly restricting access to resources from unauthorized roles. An attacker could exploit...

CVE-2017-9381

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a user with the capability of installing or deleting apps on the device using the web management interface. It seems that the device does not implement any cross-site request forgery protection...

Unauthorized access vulnerability in Xiaomi Box

Xiaomi Box is a high-definition Internet TV box. Xiaomi Box suffers from an unauthorized access vulnerability, which is due to the failure of the Xiaomi Box server to verify authorization for service access. An attacker can use this vulnerability to install and uninstall applications, play...

Remote Code Execution Vulnerability in Stranger Client

Stranger is a location-based mobile social networking tool. There is a remote code execution vulnerability in the Stranger client, which can be exploited by an attacker to trigger an attack code to automatically download and automatically use the interface to install any application, call sensiti...

Shopify: staff memeber can install apps even if have limitied access

hey ; for example staff member have limit access to orders when this memeber want install app scope readorders ,error message showed : Oauth error invalidrequest: You do not have permission to access the requested scopes bug: ----- staff memeber can install app even if have limit access to scops...