Vulnerabilities > Oppo
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-10 | CVE-2023-26311 | Unspecified vulnerability in Oppo Store 1.5.11 A remote code execution vulnerability in the webview component of OPPO Store app. | 9.8 |
| 2023-08-09 | CVE-2023-26310 | Command Injection vulnerability in Oppo Coloros 12.3 There is a command injection problem in the old version of the mobile phone backup app. | 9.8 |
| 2022-04-01 | CVE-2021-23247 | Command Injection vulnerability in Oppo Quick APP 4.5.0 A command injection vulerability found in quick game engine allows arbitrary remote code in quick app. | 9.8 |
| 2022-03-11 | CVE-2021-23246 | Unspecified vulnerability in Oppo Coloros 11 In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure. | 7.5 |
| 2021-12-27 | CVE-2021-23244 | Unspecified vulnerability in Oppo Coloros 11 ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission. | 7.8 |
| 2020-12-31 | CVE-2020-11835 | Out-of-bounds Write vulnerability in Oppo Find X2 PRO Firmware and Reno3 PRO Firmware In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_da9313.c, failure to check the parameter buf in the function proc_work_mode_write in proc_work_mode_write causes a vulnerability. | 5.5 |
| 2020-12-31 | CVE-2020-11834 | Out-of-bounds Write vulnerability in Oppo Find X2 PRO Firmware and Reno3 PRO Firmware In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the function proc_fastchg_fw_update_write in proc_fastchg_fw_update_write does not check the parameter len, resulting in a vulnerability. | 5.5 |
| 2020-12-31 | CVE-2020-11833 | Out-of-bounds Write vulnerability in Oppo Find X2 PRO Firmware and Reno3 PRO Firmware In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_data_log_write does not check the parameter len which causes a vulnerability. | 5.5 |
| 2020-12-31 | CVE-2020-11832 | Out-of-bounds Write vulnerability in Oppo Find X2 PRO Firmware and Reno3 PRO Firmware In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerability. | 5.5 |
| 2020-11-19 | CVE-2020-11831 | Incorrect Permission Assignment for Critical Resource vulnerability in Oppo Ovoicemanager 2.0.1 OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1. | 9.8 |