Vulnerabilities > Oneplus > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-10 CVE-2023-26309 Unspecified vulnerability in Oneplus Store 3.3.0
A remote code execution vulnerability in the webview component of OnePlus Store app.
network
low complexity
oneplus
critical
9.8
2017-08-03 CVE-2017-11105 Unspecified vulnerability in Oneplus Primary Bootloader
The OnePlus 2 Primary Bootloader (PBL) does not validate the SBL1 partition before executing it, although it contains a certificate.
network
low complexity
oneplus
critical
9.8
2017-03-12 CVE-2017-5626 Unspecified vulnerability in Oneplus Oxygenos 3.2.8/3.5.4
OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fastboot oem commands (4F500301 and 4F500302) that allow the attacker to lock/unlock the bootloader, disregarding the 'OEM Unlocking' checkbox, without user confirmation and without a factory reset.
network
low complexity
oneplus
critical
9.8
2017-03-12 CVE-2017-5624 Improper Privilege Management vulnerability in Oneplus Oxygenos 3.2.8/3.5.4/4.0.2
An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T.
network
low complexity
oneplus CWE-269
critical
9.8