Vendor CVEs
Oppo
All CVEs
22 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-1610 | Cri | 0.64 | 9.8 | 0.01 | Dec 18, 2024 | In OPPO Store APP, there's a possible escalation of privilege due to improper input validation. | ||
| CVE-2024-1609 | Hig | 0.57 | — | 0.00 | Dec 25, 2024 | In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation. | ||
| CVE-2025-27387 | Hig | 0.48 | 7.4 | 0.00 | Jun 23, 2025 | OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure. | ||
| CVE-2026-22070 | Hig | 0.46 | 7.1 | 0.00 | Apr 30, 2026 | ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal. | ||
| CVE-2026-22077 | Med | 0.36 | — | 0.00 | Apr 27, 2026 | OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure. | ||
| CVE-2025-27389 | Med | 0.33 | — | 0.00 | Dec 5, 2025 | A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning. | ||
| CVE-2024-1608 | 0.00 | — | 0.00 | Feb 20, 2024 | In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission check, This could lead to application internal information leak w/o user interaction. | |||
| CVE-2023-26311 | 0.00 | — | 0.01 | Aug 10, 2023 | A remote code execution vulnerability in the webview component of OPPO Store app. | |||
| CVE-2021-23247 | 0.00 | — | 0.02 | Apr 1, 2022 | A command injection vulerability found in quick game engine allows arbitrary remote code in quick app. Allows remote attacke0rs to gain arbitrary code execution in quick game engine | |||
| CVE-2021-23246 | 0.00 | — | 0.01 | Mar 11, 2022 | In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure. | |||
| CVE-2021-37103 | 0.00 | — | 0.00 | Feb 25, 2022 | There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-23244 | 0.00 | — | 0.01 | Dec 27, 2021 | ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission. | |||
| CVE-2021-23243 | 0.00 | — | 0.00 | Sep 27, 2021 | In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used. | |||
| CVE-2020-11836 | 0.00 | — | 0.00 | Feb 5, 2021 | OPPO Android Phone with MTK chipset and Android 8.1/9/10/11 versions have an information leak vulnerability. The “adb shell getprop ro.vendor.aee.enforcing” or “adb shell getprop ro.vendor.aee.enforcing” return no. | |||
| CVE-2019-3405 | 0.00 | — | 0.01 | Jan 11, 2021 | In the 3.1.3.64296 and lower version of 360F5, the third party can trigger the device to send a deauth frame by constructing and sending a specific illegal 802.11 Null Data Frame, which will cause other wireless terminals connected to disconnect from the wireless, so as to… | |||
| CVE-2020-11835 | 0.00 | — | 0.00 | Dec 31, 2020 | In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_da9313.c, failure to check the parameter buf in the function proc_work_mode_write in proc_work_mode_write causes a vulnerability. | |||
| CVE-2020-11832 | 0.00 | — | 0.00 | Dec 31, 2020 | In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerability. | |||
| CVE-2020-11831 | 0.00 | — | 0.01 | Nov 19, 2020 | OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1. | |||
| CVE-2020-11830 | 0.00 | — | 0.01 | Nov 19, 2020 | QualityProtect has a vulnerability to execute arbitrary system commands, affected product is com.oppo.qualityprotect V2.0. | |||
| CVE-2020-11829 | 0.00 | — | 0.01 | Nov 19, 2020 | Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722. | |||
| CVE-2020-11828 | 0.00 | — | 0.01 | Apr 21, 2020 | In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is… | |||
| CVE-2018-14996 | 0.00 | — | 0.01 | Apr 25, 2019 | The Oppo F5 Android device with a build fingerprint of OPPO/CPH1723/CPH1723:7.1.1/N6F26Q/1513597833:user/release-keys contains a pre-installed platform app with a package name of com.dropboxchmod (versionCode=1, versionName=1.0) that contains an exported service named… |
- risk 0.64cvss 9.8epss 0.01
In OPPO Store APP, there's a possible escalation of privilege due to improper input validation.
- risk 0.57cvss —epss 0.00
In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation.
- risk 0.48cvss 7.4epss 0.00
OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information disclosure.
- risk 0.46cvss 7.1epss 0.00
ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal.
- risk 0.36cvss —epss 0.00
OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure.
- risk 0.33cvss —epss 0.00
A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning.
- CVE-2024-1608Feb 20, 2024risk 0.00cvss —epss 0.00
In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission check, This could lead to application internal information leak w/o user interaction.
- CVE-2023-26311Aug 10, 2023risk 0.00cvss —epss 0.01
A remote code execution vulnerability in the webview component of OPPO Store app.
- CVE-2021-23247Apr 1, 2022risk 0.00cvss —epss 0.02
A command injection vulerability found in quick game engine allows arbitrary remote code in quick app. Allows remote attacke0rs to gain arbitrary code execution in quick game engine
- CVE-2021-23246Mar 11, 2022risk 0.00cvss —epss 0.01
In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user information disclosure.
- CVE-2021-37103Feb 25, 2022risk 0.00cvss —epss 0.00
There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-23244Dec 27, 2021risk 0.00cvss —epss 0.01
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission.
- CVE-2021-23243Sep 27, 2021risk 0.00cvss —epss 0.00
In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used.
- CVE-2020-11836Feb 5, 2021risk 0.00cvss —epss 0.00
OPPO Android Phone with MTK chipset and Android 8.1/9/10/11 versions have an information leak vulnerability. The “adb shell getprop ro.vendor.aee.enforcing” or “adb shell getprop ro.vendor.aee.enforcing” return no.
- CVE-2019-3405Jan 11, 2021risk 0.00cvss —epss 0.01
In the 3.1.3.64296 and lower version of 360F5, the third party can trigger the device to send a deauth frame by constructing and sending a specific illegal 802.11 Null Data Frame, which will cause other wireless terminals connected to disconnect from the wireless, so as to…
- CVE-2020-11835Dec 31, 2020risk 0.00cvss —epss 0.00
In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_da9313.c, failure to check the parameter buf in the function proc_work_mode_write in proc_work_mode_write causes a vulnerability.
- CVE-2020-11832Dec 31, 2020risk 0.00cvss —epss 0.00
In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerability.
- CVE-2020-11831Nov 19, 2020risk 0.00cvss —epss 0.01
OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1.
- CVE-2020-11830Nov 19, 2020risk 0.00cvss —epss 0.01
QualityProtect has a vulnerability to execute arbitrary system commands, affected product is com.oppo.qualityprotect V2.0.
- CVE-2020-11829Nov 19, 2020risk 0.00cvss —epss 0.01
Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722.
- CVE-2020-11828Apr 21, 2020risk 0.00cvss —epss 0.01
In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is…
- CVE-2018-14996Apr 25, 2019risk 0.00cvss —epss 0.01
The Oppo F5 Android device with a build fingerprint of OPPO/CPH1723/CPH1723:7.1.1/N6F26Q/1513597833:user/release-keys contains a pre-installed platform app with a package name of com.dropboxchmod (versionCode=1, versionName=1.0) that contains an exported service named…