Galaxy Store
Monthly
Galaxy Store versions up to 4.6.02 contains a vulnerability that allows attackers to execute arbitrary script (CVSS 7.8).
A security vulnerability in Galaxy Store for Galaxy Watch (CVSS 5.9) that allows local attacker. Remediation should follow standard vulnerability management procedures.
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard. Rated low severity (CVSS 3.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Galaxy Store versions up to 4.6.02 contains a vulnerability that allows attackers to execute arbitrary script (CVSS 7.8).
A security vulnerability in Galaxy Store for Galaxy Watch (CVSS 5.9) that allows local attacker. Remediation should follow standard vulnerability management procedures.
Improper verification of intent by broadcast receiver vulnerability in Galaxy Store prior to version 4.5.90.7 allows local attackers to write arbitrary files with the privilege of Galaxy Store. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows physical attackers to install arbitrary applications to bypass restrictions of Setupwizard. Rated low severity (CVSS 3.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.