Shodan
Vulnerabilities
Vulnerable Software
Samsung:  >> Galaxy Store  Security Vulnerabilities
CVE-2025-20951
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-04-08
CVE-2025-20895
Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard.
CVSS Score
3.2
EPSS Score
0.0
Published
2025-02-04
CVE-2024-34601
Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore.
CVSS Score
5.9
EPSS Score
0.0
Published
2024-07-02
CVE-2024-20870
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.71.8 allows local attackers to write arbitrary files with the privilege of Galaxy Store.
CVSS Score
5.1
EPSS Score
0.001
Published
2024-05-07
CVE-2024-20823
Implicit intent hijacking vulnerability in SamsungAccount of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-02-06
CVE-2024-20824
Implicit intent hijacking vulnerability in VoiceSearch of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-02-06
CVE-2024-20825
Implicit intent hijacking vulnerability in IAP of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-02-06
CVE-2024-20822
Implicit intent hijacking vulnerability in AccountActivity of Galaxy Store prior to version 4.5.63.6 allows local attackers to access sensitive information via implicit intent.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-02-06
CVE-2023-42580
Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.
CVSS Score
7.5
EPSS Score
0.005
Published
2023-12-05
CVE-2023-42581
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.
CVSS Score
7.5
EPSS Score
0.004
Published
2023-12-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved