CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21434
https://notcve.org/view.php?id=CVE-2023-21434
Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=01 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21433
https://notcve.org/view.php?id=CVE-2023-21433
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store. • https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=01 • CWE-276: Incorrect Default Permissions CWE-285: Improper Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33710
https://notcve.org/view.php?id=CVE-2022-33710
Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Una vulnerabilidad de comprobación de entrada inapropiada en BillingPackageInsraller de Galaxy Store versiones anteriores a 4.5.41.8 permite a atacantes locales lanzar actividades como privilegio de Galaxy Store • https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33709
https://notcve.org/view.php?id=CVE-2022-33709
Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Una vulnerabilidad de comprobación de entrada inapropiada en ApexPackageInstaller de Galaxy Store versiones anteriores a 4.5.41.8 permite a atacantes locales iniciar actividades con el privilegio de Galaxy Store • https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33708
https://notcve.org/view.php?id=CVE-2022-33708
Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. Una vulnerabilidad de comprobación de entrada inapropiada en AppsPackageInstaller de Galaxy Store versiones anteriores a 4.5.41.8 permite a atacantes locales iniciar actividades con el privilegio de Galaxy Store • https://security.samsungmobile.com/serviceWeb.smsb?year==2022&month=07 • CWE-20: Improper Input Validation CWE-269: Improper Privilege Management •