24 matches found
CVE-2026-20297
In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the editlocalapps and installapps capabilities could cause a legitimate app...
CVE-2026-20297 Path Traversal through 'explicit_appname' in the App Install REST Endpoint in Splunk Enterprise
In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the editlocalapps and installapps capabilities could cause a legitimate app...
EUVD-2026-44736
In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the editlocalapps and installapps capabilities could cause a legitimate app...
CVE-2026-20297
In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the editlocalapps and installapps capabilities could cause a legitimate app...
PT-2026-60234
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.4.1 Splunk Enterprise versions prior to 10.2.5 Splunk Enterprise versions prior to 10.0.8 Splunk Enterprise versions prior to 9.4.13 Splunk Enterprise versions prior to 9.3.14 Splunk Cloud Platform versio...
CVE-2026-21002
Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application...
CVE-2026-21002
Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application...
SAMSUNG Galaxy Store 安全漏洞
SAMSUNG Galaxy Store is an application store owned by South Korean company Samsung. Versions of SAMSUNG Galaxy Store prior to version 4.6.03.8 contained security vulnerabilities. These vulnerabilities stemmed from improper encryption signature verification, which could allow local attackers to...
CVE-2024-34598
Improper export of component in GoodLock prior to version 2.2.04.95 allows local attackers to install arbitrary applications from Galaxy Store...
CVE-2024-22092
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action...
CVE-2024-22092 Bundlemanager has an authentication bypass vulnerability
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action...
CVE-2023-21433
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store...
The vulnerability of the Galaxy Store app, related to improper authorization, allows a malicious user to install apps from the Galaxy Store without interacting with the user.
The vulnerability of the Galaxy Store app is related to improper authorization. Exploiting this vulnerability allows a hacker to install apps from the Galaxy Store without any interaction with the user...
Xiaomi Mi App Store Open Redirect Vulnerability
A security vulnerability exists in Xiaomi Mi App Store, an app store of Xiaomi, a Chinese company. The vulnerability is due to the Xiaomi App Store not verifying the validity of incoming data, which could be exploited by an attacker to cause the app store to automatically download and install app...
CVE-2020-14118
An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps...
PT-2022-2299 · Cisco · Cisco Iox +1
Name of the Vulnerable Software and Affected Versions: Cisco IOx affected versions not specified Description: The issue exists due to incorrect restriction of the directory path name with limited access. An attacker could inject arbitrary commands into the underlying host operating system, execut...
Samsung SMR 输入验证错误漏洞
Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung mobile applications. A security vulnerability exists in versions prior to Samsung SMR APR-2021 Release 1, which allows an unprivileged application to install arbitrary applications, grant device...
Unspecified Vulnerability in Deskpro (CNVD-2020-22253)
Deskpro is a helpdesk software solution that helps companies manage communication with their customers and user base across multiple channels. A security vulnerability exists in Deskpro. An attacker could exploit the vulnerability to be able to control/install helpdesk applications and disclose t...
Samsung S7 Edge Access Control Error Vulnerability
Samsung S7 Edge is a smartphone from the South Korean company Samsung Samsung. An access control error vulnerability exists in Samsung S7 Edge. The vulnerability stems from the network system or product not properly restricting access to resources from unauthorized roles. An attacker could exploi...
Samsung J6 Access Control Error Vulnerability
The Samsung J6 is a smartphone from the South Korean company Samsung Samsung. An access control error vulnerability exists in the Samsung J6. The vulnerability stems from the network system or product not properly restricting access to resources from unauthorized roles. An attacker could exploit...