Vulnerabilities > Samsung > Galaxy Store > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-20822 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 |
| 2024-02-06 | CVE-2024-20823 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 |
| 2024-02-06 | CVE-2024-20824 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 |
| 2024-02-06 | CVE-2024-20825 | Unspecified vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent. | 5.5 |
| 2023-08-10 | CVE-2023-30705 | Incorrect Authorization vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.56.6?allows local attackers to access privileged content providers as Galaxy Store permission. | 5.5 |
| 2023-02-09 | CVE-2023-21434 | Cross-site Scripting vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8 Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page. | 6.1 |
| 2022-05-03 | CVE-2022-28791 | Improper Input Validation vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper input validation vulnerability in InstallAgent in Galaxy Store prior to version 4.5.41.8 allows attacker to overwrite files stored in a specific path. | 5.5 |
| 2022-04-11 | CVE-2022-28542 | Incorrect Authorization vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission. | 5.5 |
| 2022-04-11 | CVE-2022-28544 | Path Traversal vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4 Path traversal vulnerability in unzip method of InstallAgentCommonHelper in Galaxy store prior to version 4.5.40.5 allows attacker to access the file of Galaxy store. | 5.5 |
| 2021-10-06 | CVE-2021-25499 | Unspecified vulnerability in Samsung Galaxy Store Intent redirection vulnerability in SamsungAccountSDKSigninActivity of Galaxy Store prior to version 4.5.32.4 allows attacker to access content provider of Galaxy Store. | 5.5 |