Htc

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-10001 1Htc 1Mail Nov 21, 2024 May 17, 2022 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used.
CVE-2019-12177 1Htc 1Viveport Nov 21, 2024 Jun 3, 2019 N/A· v4 7.8 HIGH· v3 9.3 HIGH· v2 Privilege escalation due to insecure directory permissions affecting ViveportDesktopService in HTC VIVEPORT before 1.0.0.36 allows local attackers to escalate privileges via DLL hijacking.
CVE-2019-12176 1Htc 1Viveport Nov 21, 2024 Jun 3, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 Privilege escalation in the "HTC Account Service" and "ViveportDesktopService" in HTC VIVEPORT before 1.0.0.36 allows local attackers to escalate privileges to SYSTEM via reconfiguration of either service.
CVE-2018-1170 2Htc Volkswagen 2Customer Link Customer Link Bridge Nov 21, 2024 Mar 2, 2018 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not requi...Show more This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Customer-Link App and Customer-Link Bridge. The issue results from the lack of a proper protection mechanism against unauthorized firmware updates. An attacker can leverage this vulnerability to inject CAN messages. Was ZDI-CAN-5264.Show less
CVE-2013-4622 1Htc 1Droid Incredible Apr 29, 2026 Jun 19, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage are...Show more The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.Show less
CVE-2012-2980 5Att HtcSamsung+2 more 9Chacha DesireEvo Shift 4g+6 more Apr 29, 2026 Aug 21, 2012 N/A· v4 N/A· v3 7.1 HIGH· v2 The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Sams...Show more The Samsung and HTC onTouchEvent method implementation for Android on the T-Mobile myTouch 3G Slide, HTC Merge, Sprint EVO Shift 4G, HTC ChaCha, AT&T Status, HTC Desire Z, T-Mobile G2, T-Mobile myTouch 4G Slide, and Samsung Galaxy S stores touch coordinates in the dmesg buffer, which allows remote attackers to obtain sensitive information via a crafted application, as demonstrated by PIN numbers, telephone numbers, and text messages.Show less
CVE-2012-2217 1Htc 14Evo 3d Evo 3d SoftwareEvo 4g+11 more Apr 29, 2026 May 1, 2012 N/A· v4 N/A· v3 6.4 MEDIUM· v2 The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, EVO Design 4G before 2.12.651.5, Shift 4G before 2.77.651.3, EVO 3D before 2.17.651.5, EVO View 4G before 2.23.651.1, Vivid before 3.26.502.56, and He...Show more The HTC IQRD service for Android on the HTC EVO 4G before 4.67.651.3, EVO Design 4G before 2.12.651.5, Shift 4G before 2.77.651.3, EVO 3D before 2.17.651.5, EVO View 4G before 2.23.651.1, Vivid before 3.26.502.56, and Hero does not restrict localhost access to TCP port 2479, which allows remote attackers to (1) send SMS messages, (2) obtain the Network Access Identifier (NAI) and its password, or trigger (3) popup messages or (4) tones via a crafted application that leverages the android.permission.INTERNET permission.Show less
CVE-2011-4872 1Htc 9Desire Hd Desire SDroid Incredible+6 more Apr 29, 2026 Feb 5, 2012 N/A· v4 N/A· v3 2.6 LOW· v2 Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 a...Show more Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STATE permission to call the toString method on the WifiConfiguration class.Show less
CVE-2011-3975 2Google Htc 4Android Evo 3dEvo 4g+1 more Apr 29, 2026 Oct 3, 2011 N/A· v4 N/A· v3 2.6 LOW· v2 A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assis...Show more A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain a list of telephone numbers from a log, and other sensitive information, by leveraging the android.permission.INTERNET application permission and establishing TCP sessions to 127.0.0.1 on port 65511 and a second port.Show less
CVE-2008-6775 1Htc 2Touch Cruise Touch Pro Apr 23, 2026 May 1, 2009 N/A· v4 N/A· v3 7.1 HIGH· v2 HTC Touch Pro and HTC Touch Cruise vCard allows remote attackers to cause denial of service (CPU consumption, SMS consumption, and connectivity loss) via a flood of vCards to UDP port 9204.