Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oneplus vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2017-5622
With OxygenOS prior to 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further ...
Oneplus Oxygenos
2.1
CVSSv2
CVE-2020-13626
OnePlus App Locker through 2020-10-06 allows physically proximate malicious users to use Google Assistant to bypass an authorization check in order to send an SMS message when the SMS application is locked.
Oneplus App Locker
2.1
CVSSv2
CVE-2020-7958
An issue exists on OnePlus 7 Pro devices prior to 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user (root) in the Rich Execution Environment (REE) to obtain bitmap images from the fingerprint sensor because of Leftover Debug Code. The is...
Oneplus Oneplus 7 Pro Firmware
1 Github repository
2.1
CVSSv2
CVE-2017-5625
In OxygenOS prior to 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump <partition>' fastboot ...
Oneplus Oxygenos
NA
CVE-2023-26309
A remote code execution vulnerability in the webview component of OnePlus Store app.
Oneplus Store 3.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2