31 results (0.009 seconds)

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11). La función Bluetooth de algunos smartphones de Huawei presenta una vulnerabilidad DoS. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en •

CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0

There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product versions include HUAWEI P30 versions earlier than 10.1.0.165(C01E165R2P11), 11.0.0.118(C635E2R1P3), 11.0.0.120(C00E120R2P5), 11.0.0.138(C10E4R5P3), 11.0.0.138(C185E4R7P3), 11.0.0.138(C432E8R2P3), 11.0.0.138(C461E4R3P3), 11.0.0.138(C605E4R1P3), and 11.0.0.138(C636E4R3P3). • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-js-en • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4). Se presenta una vulnerabilidad de escritura de memoria arbitraria en el teléfono inteligente Huawei cuando se procesa el análisis de archivos. Debido a una validación insuficiente de los archivos de entrada, una explotación con éxito podría causar que determinados servicios sean anormales. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-smartphone-en • CWE-787: Out-of-bounds Write •

CVSS: 3.3EPSS: 0%CPEs: 14EXPL: 0

There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience. Se presenta una vulnerabilidad de errores de administración de recursos en Huawei P30. Los atacantes locales construyen un mensaje de difusión para alguna aplicación, causando que esta aplicación envíe este mensaje de difusión y afecte la experiencia de uso del cliente. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-01-resourcemanagement-en • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.8EPSS: 0%CPEs: 56EXPL: 0

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B. Se presenta una vulnerabilidad de desbordamiento del búfer en varios productos de Huawei. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •