CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9243
https://notcve.org/view.php?id=CVE-2020-9243
10 Aug 2020 — HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition. HUAWEI Mate 30 con versiones anteriores a 10.1.0.150(C00E136R5P3) presenta una vulnerabilidad de denegación de servicio. El sistema no limita apropiadamente la profundidad de recursión, un atacante deber... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200805-03-smartphone-en • CWE-674: Uncontrolled Recursion •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9256
https://notcve.org/view.php?id=CVE-2020-9256
17 Jul 2020 — Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service. Los teléfonos inteligentes Huawei Mate 30 Pro con versiones anteriores a 10.1.0.150(C00E136R5P3), presentan una vulnerabilidad de autorización inapropiada. El sistema no... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-05-smartphone-en •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1839
https://notcve.org/view.php?id=CVE-2020-1839
06 Jul 2020 — HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. There is a timing window exists in which certain pointer members can be modified by another process that is operating concurrently, an attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution. HUAWEI Mate 30 con versiones anteriores a 10.1.0.150(C00E136R5P3), presenta una vulnerabilidad de condición de carrera. Se presenta una vent... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-04-smartphone-en • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9261
https://notcve.org/view.php?id=CVE-2020-9261
06 Jul 2020 — HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a type confusion vulnerability. The system does not properly check and transform the type of certain variable, the attacker tricks the user into installing then running a crafted application, successful exploit could cause code execution. HUAWEI Mate 30 con versiones anteriores a 10.1.0.150(C00E136R5P3), presenta una vulnerabilidad de confusión de tipo. El sistema no comprueba y ni transforma apropiadamente el tipo de determinada variabl... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-05-smartphone-en • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1838
https://notcve.org/view.php?id=CVE-2020-1838
06 Jul 2020 — HUAWEI Mate 30 Pro with versions earlier than 10.1.0.150(C00E136R5P3) have is an improper authentication vulnerability. The device does not sufficiently validate certain credential of user's face, an attacker could craft the credential of the user, successful exploit could allow the attacker to pass the authentication with the crafted credential. HUAWEI Mate 30 Pro con versiones anteriores a 10.1.0.150(C00E136R5P3), presenta una vulnerabilidad de autenticación inapropiada. El dispositivo no comprueba sufici... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-03-smartphone-en • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9262
https://notcve.org/view.php?id=CVE-2020-9262
06 Jul 2020 — HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution. HUAWEI Mate 30 con versiones anteriores a 10.1.0.150(C00E136R5P3), presenta una vulnerabilidad de uso de la memoria previamente liberada. Se presenta una condición en la que el si... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-06-smartphone-en • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1835
https://notcve.org/view.php?id=CVE-2020-1835
18 Jun 2020 — HUAWEI Mate 30 with versions earlier than 10.1.0.126(C00E125R5P3) have an information disclosure vulnerability. A logic judgment error occurs when the system handling Bluetooth connections, an attacker could craft as an authenticated Bluetooth peer to launch the attack. Successful exploit could cause information disclosure. HUAWEI Mate 30 con versiones anteriores a 10.1.0.126(C00E125R5P3), presenta una vulnerabilidad de divulgación de información. Un error de juicio lógico ocurre cuando el sistema maneja co... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-02-smartphone-en •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-1801
https://notcve.org/view.php?id=CVE-2020-1801
10 Apr 2020 — There is an improper authentication vulnerability in several smartphones. Certain function interface in the system does not sufficiently validate the caller's identity in certain share scenario, successful exploit could cause information disclosure. Affected product versions include:Mate 30 Pro versions Versions earlier than 10.0.0.205(C00E202R7P2);Mate 30 versions Versions earlier than 10.0.0.205(C00E201R7P2). Se presenta una vulnerabilidad de autenticación inapropiada en varios teléfonos inteligentes. Det... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-smartphone-en • CWE-287: Improper Authentication •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2020-1794
https://notcve.org/view.php?id=CVE-2020-1794
20 Mar 2020 — There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). Se presenta una vulnerabilidad de autenticación inapropiada en varios teléfonos ... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en • CWE-287: Improper Authentication •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2020-1793
https://notcve.org/view.php?id=CVE-2020-1793
20 Mar 2020 — There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). Se presenta una vulnerabilidad de autenticación inapropiada en varios teléfonos ... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200318-02-smartphone-en • CWE-287: Improper Authentication •