Filtered by vendor Tecno Subscriptions

Search

Switch to Advanced Search (Beta)
Total 16 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-10510 1 Tecno 1 Com.transsion.aiassistantlifestyle 2026-06-02 6.1 Medium
Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted web_action_data URL parameter.
CVE-2024-10018 1 Tecno 1 Com.transsion.aivoiceassistant 2026-04-15 9.8 Critical
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to the launch of any unexported component.
CVE-2025-6172 1 Tecno 1 Com.afmobi.boomplayer 2026-04-15 9.8 Critical
Permission vulnerability in the mobile application (com.afmobi.boomplayer) may lead to the risk of unauthorized operation.
CVE-2025-4737 1 Tecno 1 Com.transsion.aivoiceassistant 2026-04-15 6.2 Medium
Insufficient encryption vulnerability in the mobile application (com.transsion.aivoiceassistant) may lead to the risk of sensitive information leakage.
CVE-2024-8039 1 Tecno 1 Com.afmobi.boomplayer 2026-04-15 9.8 Critical
Improper permission configurationDomain configuration vulnerability of the mobile application (com.afmobi.boomplayer) can lead to account takeover risks.
CVE-2024-11206 1 Tecno 1 Com.transsion.phoenix 2026-04-15 7.5 High
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to the leakage of user information.
CVE-2024-5163 1 Tecno 1 Com.transsion.carlcare 2026-04-15 9.8 Critical
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user password and account security risks.
CVE-2025-1298 1 Tecno 1 Com.transsion.carlcare 2026-04-15 9.8 Critical
Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of account takeover.
CVE-2025-15385 2 Google, Tecno 3 Android, Boomplay, Com.afmobi.boomplayer 2026-01-30 9.8 Critical
Insufficient Verification of Data Authenticity vulnerability in TECNO Mobile com.Afmobi.Boomplayer allows Authentication Bypass.This issue affects com.Afmobi.Boomplayer: 7.4.63.
CVE-2025-14817 3 Google, Tecno, Transsion 4 Android, Factory Mode App, Hios and 1 more 2026-01-05 6.5 Medium
The component com.transsion.tranfacmode.entrance.main.MainActivity in com.transsion.tranfacmode has no permission control and can be accessed by third-party apps which can construct intents to directly open adb debugging functionality without user interaction.
CVE-2025-9056 1 Tecno 2 Audiolink, Com.transsion.audiosmartconnect 2026-01-02 5.3 Medium
Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation.
CVE-2025-3698 1 Tecno 1 Carlcare 2025-11-13 7.5 High
Interface exposure vulnerability in the mobile application (com.transsion.carlcare) may lead to information leakage risk.
CVE-2025-2190 1 Tecno 1 Com.transsnet.store 2025-11-13 8.1 High
The mobile application (com.transsnet.store) has a man-in-the-middle attack vulnerability, which may lead to code injection risks.
CVE-2024-7697 2 Tecno, Transsion 2 Com.transsion.carlcare, Carlcare 2025-11-13 7.5 High
Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user information leakage risks.
CVE-2024-3701 1 Tecno 1 Hios 2025-06-17 9.8 Critical
The system application (com.transsion.kolun.aiservice) component does not perform an authentication check, which allows attackers to perform malicious exploitations and affect system services.
CVE-2019-15417 1 Tecno 2 Spark Pro, Spark Pro Firmware 2024-11-21 7.8 High
The Tecno Spark Pro Android device with a build fingerprint of TECNO/H3722/TECNO-K8:7.0/NRD90M/K8-H3722ABCDE-N-171229V96:user/release-keys contains a pre-installed app with a package name of com.lovelyfont.defcontainer app (versionCode=7, versionName=7.0.5) that allows unauthorized dynamic code loading via a confused deputy attack. This capability can be accessed by any app co-located on the device.