CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7989
https://notcve.org/view.php?id=CVE-2018-7989
17 Oct 2018 — Huawei Mate 10 pro smartphones with the versions before BLA-AL00B 8.1.0.326(C00) have an improper authentication vulnerability. App Lock is a function to prevent unauthorized use of apps on smartphones, an attacker could directly change the lock password after a series of operations. Successful exploit could allow the attacker to use the application which is locked. Los smartphones Huawei Mate 10 en versiones anteriores a la BLA-AL00B 8.1.0.326(C00) tienen una vulnerabilidad de autenticación incorrecta. App... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181010-01-applock-en • CWE-287: Improper Authentication •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7990
https://notcve.org/view.php?id=CVE-2018-7990
04 Sep 2018 — Mate10 Pro Huawei smart phones with the versions before 8.1.0.326(C00) have a FRP bypass vulnerability. During the mobile phone reseting process, an attacker could bypass "Find My Phone" protect after a series of voice and keyboard operations. Successful exploit could allow an attacker to bypass FRP. Los smartphones Huawei Mate10 Pro en versiones anteriores a la 8.1.0.326(C00) tienen una vulnerabilidad de omisión de Factory Reset Protection (FRP). Durante el proceso de reinicio del teléfono móvil, un atacan... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180831-01-smartphone-en •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7936
https://notcve.org/view.php?id=CVE-2018-7936
04 Sep 2018 — Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can connect the phone with PC and send special instructions to install third party desktop and disable the boot wizard. As a result, the FRP function is bypassed. Los smartphones Huawei Mate 10 Pro con software anterior a las versiones BLA-L29 8.0.0.148(C432) ti... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180827-01-frpbypass-en •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7993
https://notcve.org/view.php?id=CVE-2018-7993
31 Jul 2018 — HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause execution of arbitrary code. Los smartphones HUAWEI Mate 10 en versiones anteriores a la ALP-AL00 8.1.0.311 tienen una vulnerabilidad de uso de memoria previamente liberada en el componente mediaserver. Un atacante e... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180711-01-smartphone-en • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7934
https://notcve.org/view.php?id=CVE-2018-7934
31 Jul 2018 — Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C432) have a denial of service (DoS) vulnerability because they do not adapt to specific screen gestures. An attacker may trick users into installing a malicious app. As a result, apps running on the frontend crash after the users make specific screen gestures. Algunos teléfonos móviles de Huawei con versiones anteriores a la BLA-L29 8.0.0.145(C432) tienen una vulnerabilidad de denegación de servicio (DoS) porque no se adaptan a gestos de p... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180705-01-smartphone-en • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 0CVE-2017-17227
https://notcve.org/view.php?id=CVE-2017-17227
09 Mar 2018 — GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-smartphone-en • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-15311
https://notcve.org/view.php?id=CVE-2017-15311
22 Dec 2017 — The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of parameter validation. An attacker could send malicious packets to the smart phones within radio range by special wireless device, which leads stack overflow when the baseband module handles these packets. The attacker c... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171125-01-baseband-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •