Page 3 of 21 results (0.012 seconds)

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=01 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=01 • CWE-276: Incorrect Default Permissions CWE-285: Improper Authorization •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Una vulnerabilidad de comprobación de entrada inapropiada en BillingPackageInsraller de Galaxy Store versiones anteriores a 4.5.41.8 permite a atacantes locales lanzar actividades como privilegio de Galaxy Store • https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Una vulnerabilidad de comprobación de entrada inapropiada en ApexPackageInstaller de Galaxy Store versiones anteriores a 4.5.41.8 permite a atacantes locales iniciar actividades con el privilegio de Galaxy Store • https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Una vulnerabilidad de comprobación de entrada inapropiada en AppsPackageInstaller de Galaxy Store versiones anteriores a 4.5.41.8 permite a atacantes locales iniciar actividades con el privilegio de Galaxy Store • https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •