Lucene search
+L

24 matches found

NVD
NVD
added 3 days ago5 views

CVE-2026-20297

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the editlocalapps and installapps capabilities could cause a legitimate app...

7.2CVSS0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago39 views

CVE-2026-20297 Path Traversal through 'explicit_appname' in the App Install REST Endpoint in Splunk Enterprise

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the editlocalapps and installapps capabilities could cause a legitimate app...

7.2CVSS0.00381EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-44736

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the editlocalapps and installapps capabilities could cause a legitimate app...

7.2CVSS6.1AI score0.00381EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago5 views

CVE-2026-20297

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the editlocalapps and installapps capabilities could cause a legitimate app...

7.2CVSS6.1AI score0.00381EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 3 days ago7 views

PT-2026-60234

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.4.1 Splunk Enterprise versions prior to 10.2.5 Splunk Enterprise versions prior to 10.0.8 Splunk Enterprise versions prior to 9.4.13 Splunk Enterprise versions prior to 9.3.14 Splunk Cloud Platform versio...

7.2CVSS6.1AI score0.00381EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.5 views

CVE-2026-21002

Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application...

5.9CVSS5.9AI score0.00068EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/16 4:32 a.m.3 views

CVE-2026-21002

Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application...

5.9CVSS5.9AI score0.00068EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

SAMSUNG Galaxy Store 安全漏洞

SAMSUNG Galaxy Store is an application store owned by South Korean company Samsung. Versions of SAMSUNG Galaxy Store prior to version 4.6.03.8 contained security vulnerabilities. These vulnerabilities stemmed from improper encryption signature verification, which could allow local attackers to...

5.9CVSS5.9AI score0.00068EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/04 10:55 a.m.5 views

CVE-2024-34598

Improper export of component in GoodLock prior to version 2.2.04.95 allows local attackers to install arbitrary applications from Galaxy Store...

7.7CVSS6.1AI score0.00111EPSS
Exploits0References1
OSV
OSV
added 2024/04/02 7:15 a.m.10 views

CVE-2024-22092

in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action...

7.4CVSS5.8AI score0.00446EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/02 6:22 a.m.22 views

CVE-2024-22092 Bundlemanager has an authentication bypass vulnerability

in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action...

7.7CVSS7.7AI score0.00446EPSS
Exploits0References1
OSV
OSV
added 2023/02/09 7:15 p.m.6 views

CVE-2023-21433

Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store...

7.8CVSS7.4AI score0.03671EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.9 views

The vulnerability of the Galaxy Store app, related to improper authorization, allows a malicious user to install apps from the Galaxy Store without interacting with the user.

The vulnerability of the Galaxy Store app is related to improper authorization. Exploiting this vulnerability allows a hacker to install apps from the Galaxy Store without any interaction with the user...

7.8CVSS7.2AI score0.00262EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/04/29 12:0 a.m.24 views

Xiaomi Mi App Store Open Redirect Vulnerability

A security vulnerability exists in Xiaomi Mi App Store, an app store of Xiaomi, a Chinese company. The vulnerability is due to the Xiaomi App Store not verifying the validity of incoming data, which could be exploited by an attacker to cause the app store to automatically download and install app...

6.1CVSS3.1AI score0.00541EPSS
Exploits0References1
OSV
OSV
added 2022/04/21 6:15 p.m.4 views

CVE-2020-14118

An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps...

6.1CVSS6.4AI score0.00541EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/04/13 12:0 a.m.6 views

PT-2022-2299 · Cisco · Cisco Iox +1

Name of the Vulnerable Software and Affected Versions: Cisco IOx affected versions not specified Description: The issue exists due to incorrect restriction of the directory path name with limited access. An attacker could inject arbitrary commands into the underlying host operating system, execut...

6.8CVSS5.3AI score0.01232EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/04/09 12:0 a.m.7 views

Samsung SMR 输入验证错误漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in versions prior to Samsung SMR APR-2021 Release 1, which allows an unprivileged application to install arbitrary applications, grant device...

8.8CVSS5.8AI score0.00177EPSS
Exploits1References5
CNVD
CNVD
added 2020/04/02 12:0 a.m.4 views

Unspecified Vulnerability in Deskpro (CNVD-2020-22253)

Deskpro is a helpdesk software solution that helps companies manage communication with their customers and user base across multiple channels. A security vulnerability exists in Deskpro. An attacker could exploit the vulnerability to be able to control/install helpdesk applications and disclose t...

8.8CVSS6.8AI score0.01909EPSS
Exploits1References1
CNVD
CNVD
added 2019/12/17 12:0 a.m.3 views

Samsung S7 Edge Access Control Error Vulnerability

Samsung S7 Edge is a smartphone from the South Korean company Samsung Samsung. An access control error vulnerability exists in Samsung S7 Edge. The vulnerability stems from the network system or product not properly restricting access to resources from unauthorized roles. An attacker could exploi...

7.8CVSS6.7AI score0.0031EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/17 12:0 a.m.6 views

Samsung J6 Access Control Error Vulnerability

The Samsung J6 is a smartphone from the South Korean company Samsung Samsung. An access control error vulnerability exists in the Samsung J6. The vulnerability stems from the network system or product not properly restricting access to resources from unauthorized roles. An attacker could exploit...

7.8CVSS6.8AI score0.0031EPSS
Exploits0References1
Rows per page
Query Builder