VYPR

Vivvo

by Vivvo

CVEs (14)

  • CVE-2026-11535CriJun 12, 2026
    risk 0.61cvss epss 0.00

    An unauthorized access vulnerability exists in the PcSuite APP. The vulnerability can be exploited by attackers to Unauthorized access to the victim’s device.

  • CVE-2024-13186HigJan 8, 2025
    risk 0.49cvss 7.5epss 0.00

    The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some information leakage.

  • CVE-2024-13185HigJan 8, 2025
    risk 0.49cvss 7.5epss 0.00

    The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some information leakage.

  • CVE-2024-13173HigJan 8, 2025
    risk 0.49cvss 7.5epss 0.00

    The health module has insufficient restrictions on loading URLs, which may lead to some information leakage.

  • CVE-2021-26278MedDec 17, 2024
    risk 0.41cvss 6.3epss 0.00

    The wifi module exposes the interface and has improper permission control, leaking sensitive information about the device.

  • CVE-2025-15515MedMar 13, 2026
    risk 0.36cvss 5.5epss 0.00

    The authentication mechanism for a specific feature in the EasyShare module contains a vulnerability. If specific conditions are met on a local network, it can cause data leakage

  • CVE-2026-12058MedJun 12, 2026
    risk 0.34cvss epss 0.00

    The connection confirmation pop-up of a specific feature in the PcSuite can be bypassed.

  • CVE-2009-3787Oct 26, 2009
    risk 0.04cvss epss 0.07

    files.php in Vivvo CMS 4.1.5.1 allows remote attackers to conduct directory traversal attacks and read arbitrary files via the file parameter with "logs/" in between two . (dot) characters, which is filtered into a "../" sequence.

  • CVE-2020-12488Nov 10, 2021
    risk 0.00cvss epss 0.00

    The attacker can access the sensitive information stored within the jovi Smart Scene module by entering carefully constructed commands without requesting permission.

  • CVE-2018-15000Apr 25, 2019
    risk 0.00cvss epss 0.00

    The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.smartshot (versionCode=1, versionName=3.0.0). This app contains an exported service named…

  • CVE-2018-15001Dec 28, 2018
    risk 0.00cvss epss 0.00

    The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.bsptest (versionCode=1, versionName=1.0) containing an exported activity app component named…

  • CVE-2018-15002Dec 28, 2018
    risk 0.00cvss epss 0.00

    The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone user. The com.qualcomm.qti.modemtestmode app (versionCode=25, versionName=7.1.2)…

  • CVE-2008-6801May 7, 2009
    risk 0.00cvss epss 0.00

    Cross-site request forgery (CSRF) vulnerability in Vivvo CMS before 4.0.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

  • CVE-2009-0466Feb 10, 2009
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Vivvo CMS before 4.1.1 allows remote attackers to inject arbitrary web script or HTML via a URI that triggers a 404 Page Not Found response.