Samsung | writeups.xyz

Title	Vulnerabilities	Programs	Authors
Uncovering a Critical Vulnerability in Samsung Mobile Security: A Bug Bounty Journey	Android Account Takeover	Samsung	David Albert
The Old, The New and The Bypass - One-click/Open-redirect to own Samsung S22 at Pwn2Own 2022	Open Redirect Insecure Deeplink Android	Samsung	Nguyễn Tiến Giang (@Testanull)
The Fuzzing Guide to the Galaxy: An Attempt with Android System Services	Android Fuzzing Heap Overflow Integer Overflow Out-of-Bounds Write Memory Corruption Local Privilege Escalation	Samsung	Anthony Remy
Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)	Android Insecure Intent Insecure Deeplink URL Validation Bypass	Samsung	Ken Gannon (@Yogehi)
Discovering vendor-specific vulnerabilities in Android	Android	Samsung Google	Oversecured (@OversecuredInc)
SSD Advisory – Galaxy Store Applications Installation/Launching without User Interaction	XSS	Samsung	-
CSRF leads to Account Takeover \| Samsung	CSRF Account Takeover	Samsung	R Ando (@Rando02355205)
The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)	Memory Corruption Race Condition Local Privilege Escalation Android	Linux Kernel Organization Google Samsung	Xingyu Jin
Samsung Flow - Any App Can Read The External Storage	Android Insecure Intent	Samsung	Ken Gannon (@Yogehi)
Samsung Galaxy - Any App Can Install Any App In The Galaxy App Store	Android Insecure Intent	Samsung	Ken Gannon (@Yogehi)
Hacked Instagram Handle Of Samsung….	Broken Link Hijacking	Samsung	Amit Kumar (@Amitlt2)
Two weeks of securing Samsung devices: Part 2	Arbitrary File Write Arbitrary File Read Vulnerable Android Content Provider Android	Samsung	Oversecured (@OversecuredInc)
Two weeks of securing Samsung devices: Part 1	Arbitrary File Write Insecure Intent Android	Samsung	Oversecured (@OversecuredInc)
Broken Access Control on samsung.com subdomain leads to Mass Account Takeover of Samsung employees application accounts	Information Disclosure Account Takeover Broken Authorization	Samsung	Gal Nagli (@Naglinagli)
Samsung S20 - RCE via Samsung Galaxy Store App	RCE	Samsung	F-Secure
SVE-2020-18025: Unauthorised access to Samsung secure folder files	Broken Authorization	Samsung	Rahul Kankrale (@RahulKankrale)
Journey Of My First Bug Bounty (Nov 2018)	Authentication Bypass	Samsung	Harsh Tyagi (@Harshtya9i)
Multiple Kernel Vulnerabilities Affecting All Qualcomm Devices	Memory Corruption Race Condition	Qalcomm Samsung	Tamir Zahavi-Brunner (@Tamir_zb)
How “Recon” helped Samsung protect their production repositories of SamsungTv, eCommerce / eStores	Information Disclosure	Samsung	Prateek Tiwari
Samsung Galaxy Apps MiTM vulnerabilities	MiTM Android	Samsung	Simone Margaritelli (@Evilsocket)

Page 1 of 1