Vulnerabilities > Oneplus > Oxygenos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-29 | CVE-2017-5947 | Unspecified vulnerability in Oneplus Oxygenos An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier. low complexity oneplus | 6.8 |
| 2017-05-11 | CVE-2017-8851 | Cleartext Transmission of Sensitive Information vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus One and X devices. | 5.9 |
| 2017-05-11 | CVE-2017-8850 | Cleartext Transmission of Sensitive Information vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. | 5.9 |
| 2017-05-11 | CVE-2017-5948 | Improper Input Validation vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. | 5.9 |
| 2017-05-11 | CVE-2016-10370 | Improper Access Control vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus devices such as the 3T. | 7.5 |
| 2017-04-25 | CVE-2017-5625 | NULL Pointer Dereference vulnerability in Oneplus Oxygenos 3.2.8/3.5.4/4.0.2 In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump <partition>' fastboot command. | 4.6 |
| 2017-03-26 | CVE-2017-5622 | Incorrect Default Permissions vulnerability in Oneplus Oxygenos 3.2.8/3.5.4/4.0.2 With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. | 5.9 |
| 2017-03-19 | CVE-2017-5623 | Improper Privilege Management vulnerability in Oneplus Oxygenos An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. | 6.6 |
| 2017-03-12 | CVE-2017-5626 | Unspecified vulnerability in Oneplus Oxygenos 3.2.8/3.5.4 OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fastboot oem commands (4F500301 and 4F500302) that allow the attacker to lock/unlock the bootloader, disregarding the 'OEM Unlocking' checkbox, without user confirmation and without a factory reset. | 9.8 |
| 2017-03-12 | CVE-2017-5624 | Improper Privilege Management vulnerability in Oneplus Oxygenos 3.2.8/3.5.4/4.0.2 An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. | 9.8 |