Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oneplus vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2017-5622
With OxygenOS prior to 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further ...
Oneplus Oxygenos
2.1
CVSSv2
CVE-2020-13626
OnePlus App Locker through 2020-10-06 allows physically proximate malicious users to use Google Assistant to bypass an authorization check in order to send an SMS message when the SMS application is locked.
Oneplus App Locker
2.1
CVSSv2
CVE-2020-7958
An issue exists on OnePlus 7 Pro devices prior to 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user (root) in the Rich Execution Environment (REE) to obtain bitmap images from the fingerprint sensor because of Leftover Debug Code. The is...
Oneplus Oneplus 7 Pro Firmware
1 Github repository
2.1
CVSSv2
CVE-2017-5625
In OxygenOS prior to 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump <partition>' fastboot ...
Oneplus Oxygenos
NA
CVE-2023-26309
A remote code execution vulnerability in the webview component of OnePlus Store app.
Oneplus Store 3.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2