15 matches found
PT-2024-19201 · Unknown · Openharmony
Name of the Vulnerable Software and Affected Versions: OpenHarmony versions prior to 3.2.4 Description: The issue allows a remote attacker to bypass permission verification and install apps, although user action is required. Recommendations: For OpenHarmony versions prior to 3.2.4, update to a...
CVE-2023-21326
Summary of CVE-2023-21326 : This Android vulnerability affects the Package Manager Service and allows a local attacker to determine whether an app is installed without query permissions, via a side-channel information disclosure. The impact is information disclosure (confidentiality) with no user...
CVE-2023-21495
Improper access control vulnerability in Knox Enrollment Service prior to SMR May-2023 Release 1 allow attacker install KSP app when device admin is set...
Samsung on7xeltelgt Access Control Error Vulnerability
Samsung on7xeltelgt is a smartphone from the South Korean company Samsung Samsung. An access control error vulnerability exists in Samsung on7xeltelgt. The vulnerability arises from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacke...
CVE-2019-15450
The Samsung j3popeltecan Android device with a build fingerprint of samsung/j3popeltevl/j3popeltecan:8.1.0/M1AJQ/J327WVLS3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000100, versionName=7.0.1.0 that allows other...
CVE-2019-15465
The Samsung J7 Pro Android device with a build fingerprint of samsung/j7y17lteubm/j7y17lte:8.1.0/M1AJQ/J730GMUBS6BSC1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000100, versionName=7.0.1.0 that allows other pre-installed...
CVE-2019-15455
The Samsung J5 Android device with a build fingerprint of samsung/j5y17ltexx/j5y17lte:8.1.0/M1AJQ/J530FXXU3BRL1:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000100, versionName=7.0.1.0 that allows other pre-installed apps t...
CVE-2019-15454
The CVE-2019-15454 entry describes a vulnerability in the Samsung J4 (Android 8.0, build samsung/j4lteub/j4lte:8.0.0) where a pre-installed app com.samsung.android.themecenter (versionCode 7000000) exposes a component that lets other pre-installed apps perform app installation. Exploitation requi...
CVE-2019-15453
The CVE-2019-15453 entry describes a vulnerability in the Samsung J4 with build Samsung/j4lteub/j4lte:8.0.0/R16NW/J400MUBS2ASC2:user/release-keys, where a pre-installed app (com.samsung.android.themecenter, v7.0.0.0) exposes an accessible component that allows other pre-installed apps to install ...
CVE-2019-15450
The Samsung j3popeltecan Android device with a build fingerprint of samsung/j3popeltevl/j3popeltecan:8.1.0/M1AJQ/J327WVLS3BSA2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000100, versionName=7.0.1.0 that allows other...
CVE-2019-15444
CVE-2019-15444 affects Samsung S7 on Android 8.0 where a pre-installed app, com.samsung.android.themecenter, exports capabilities that allow other pre-installed apps to perform app installation. The issue stems from the themecenter component, enabling access for apps that can obtain signatureOrSy...
CVE-2019-15443
The CVE-2019-15443 entry concerns Samsung J7 Max running Android 8.1.0 with a pre-installed app (com.samsung.android.themecenter, v7.0.1.0) that can enable other pre-installed apps to perform app installations via an accessible component. The underlying issue is that exported capabilities from th...
CVE-2019-15438
CVE-2019-15438 affects Samsung XCover4 running Android 8.1.0 (build samsung/xcover4ltedo/xcover4lte). A pre-installed app, com.samsung.android.themecenter (v7.0.1.0), exposes a component that lets other pre-installed apps perform app installation. Any pre-installed app with signatureOrSystem perm...
CVE-2019-15436
The Samsung A8+ Android device with a build fingerprint of samsung/jackpot2ltexx/jackpot2lte:8.0.0/R16NW/A730FXXS4BSC2:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000000, versionName=7.0.0.0 that allows other pre-installed...
CVE-2017-9381
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a user with the capability of installing or deleting apps on the device using the web management interface. It seems that the device does not implement any cross-site request forgery protection...