Galaxy Store Security Vulnerabilities and Issues — Galaxy Store CVE List

Lucene search

SamsungGalaxy Store

8 matches found

CVE•added 2023/02/09 7:15 p.m.•62 views

CVE-2023-21434

Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.

6.2CVSS6.3AI score0.10456EPSS

CVE•added 2023/02/09 7:15 p.m.•59 views

CVE-2023-21433

Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.

7.8CVSS7.4AI score0.02639EPSS

CVE•added 2023/05/26 10:15 p.m.•59 views

CVE-2023-21514

Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

8.8CVSS8.8AI score0.00135EPSS

CVE•added 2023/05/26 10:15 p.m.•55 views

CVE-2023-21516

XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

9.6CVSS9AI score0.00362EPSS

CVE•added 2023/05/26 10:15 p.m.•41 views

CVE-2023-21515

InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

8.8CVSS8.7AI score0.00183EPSS

CVE•added 2023/08/10 2:15 a.m.•36 views

CVE-2023-30705

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission.

6.8CVSS5.3AI score0.00048EPSS

CVE•added 2023/12/05 3:15 a.m.•35 views

CVE-2023-42580

Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.

9.8CVSS9.4AI score0.00501EPSS

CVE•added 2023/12/05 3:15 a.m.•31 views

CVE-2023-42581

Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.

7.5CVSS7.6AI score0.0038EPSS