Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vivo vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-17463
Vivo modems allow remote malicious users to obtain sensitive information by reading the index.cgi?page=wifi HTML source code, as demonstrated by ssid and psk_wepkey fields.
Vivo Modem Firmware -
NA
CVE-2021-26277
The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions.
Vivo Frame Service
3.3
CVSSv2
CVE-2018-15000
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.smartshot (versionCode=1, versionName=3.0.0). This app contains an exported service named com.vivo.smartshot...
Vivo V7 Firmware -
5.8
CVSSv2
CVE-2020-12483
The appstore prior to 8.12.0.0 exposes some of its components, and the attacker can cause remote download and install apps through carefully constructed parameters.
Vivo Appstore
2.1
CVSSv2
CVE-2018-15001
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.bsptest (versionCode=1, versionName=1.0) containing an exported activity app component named com.vivo.bsptes...
Vivo V7 Firmware 1.0
1.9
CVSSv2
CVE-2018-15002
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone user. The com.qualcomm.qti.modemtestmode app (versionCode=25, versionName=7.1.2) t...
Vivo V7 Firmware 7.1.2
2.1
CVSSv2
CVE-2020-12488
The attacker can access the sensitive information stored within the jovi Smart Scene module by entering carefully constructed commands without requesting permission.
Vivo Jovi Smart Scene
4.9
CVSSv2
CVE-2020-12485
The frame touch module does not make validity judgments on parameter lengths when processing specific parameters,which caused out of the boundary when memory access.The vulnerability eventually leads to a local DOS on the device.
Vivo Frame Touch Module 10
NA
CVE-2023-31893
Telefnica Brasil Vivo Play (IPTV) Firmware: 2023.04.04.01.06.15 is vulnerable to Denial of Service (DoS) via DNS Recursion.
Telefonica Brasil Vivo Play Firmware 2023.04.04.01.06.15
5
CVSSv2
CVE-2019-6986
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote malicious user to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request.
Duraspace Vitro 1.10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started