CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5309
https://notcve.org/view.php?id=CVE-2019-5309
29 Nov 2019 — Honor play smartphones with versions earlier than 9.1.0.333(C00E333R1P1T8) have an information disclosure vulnerability in certain Huawei . An attacker could view certain information after a series of operation without unlock the screen lock. Successful exploit could cause an information disclosure condition. Los teléfonos inteligentes Honor Play con versiones anteriores a 9.1.0.333 (C00E333R1P1T8), presentan una vulnerabilidad de divulgación de información en ciertos Huawei. Un atacante podría visualizar d... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191127-02-smartphone-en • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 2.4EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5213
https://notcve.org/view.php?id=CVE-2019-5213
12 Nov 2019 — Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a serious of uncommon operations without unlock the screen lock. Teléfonos Inteligentes Honor Play con versiones anteriores a Cornell-AL00A versión 9.1.0.321 (C00E320R1P1T8), presentan una vulnerabilidad de autenticación insufic... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-smartphone-en • CWE-287: Improper Authentication •
CVSS: 7.6EPSS: 0%CPEs: 6EXPL: 0CVE-2019-5216
https://notcve.org/view.php?id=CVE-2019-5216
06 Jun 2019 — There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A 9.0.0.156(C00E156R1P13T8). An attacker tricks the user into installing a malicious application, which makes multiple processes to operate the same variate at the same time. Successful exploit could cause execution of malicious cod... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190116-01-smartphone-en • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •