CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-9257
https://notcve.org/view.php?id=CVE-2020-9257
17 Jul 2020 — HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution. Los teléfonos inteligentes HUAWEI P... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-03-smartphone-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-9254
https://notcve.org/view.php?id=CVE-2020-9254
17 Jul 2020 — HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution. Los teléfonos inteligentes HUAWEI P30 Pro con versiones anteriores a 10.1.0.123(C432E19R2P... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-04-smartphone-en • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-9260
https://notcve.org/view.php?id=CVE-2020-9260
10 Jul 2020 — HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure. Los teléfonos inteligentes HUAWEI P30 y HUAWEI P30 Pro con versiones anteriores a 10.1.0.123(C432E22R2P5) y versiones anteriores... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200708-01-smartphone-en •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-1836
https://notcve.org/view.php?id=CVE-2020-1836
06 Jul 2020 — HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure. HUAWEI P30 con versiones anteriores a 10.1.0.160(C00E160R2P11) y HUAWEI P30 Pro con versiones anteriores a 10.1.0.160(C00E160R2P8), presenta una... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200624-01-smartphone-en •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2020-1834
https://notcve.org/view.php?id=CVE-2020-1834
18 Jun 2020 — HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device. HUAWEI P30 y HUAWEI P30 Pro con versiones anteriores a 10.1.0.135(C00E135R2P11) y versiones anteriores a 10.1.0.135(C00E135R2P8), presentan una vulnerabilidad... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200617-01-smartphone-en • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-9076
https://notcve.org/view.php?id=CVE-2020-9076
15 Jun 2020 — HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not being properly verified, an attacker can exploit this vulnerability through man-in-the-middle attack to induce user to access malicious URL. Los teléfonos inteligentes HUAWEI P30; HUAWEI P30 Pro; Tony-AL00B con versiones anteriores a 10.... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-02-phone-en • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5303
https://notcve.org/view.php?id=CVE-2019-5303
27 Apr 2020 — There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5302
https://notcve.org/view.php?id=CVE-2019-5302
27 Apr 2020 — There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 46EXPL: 9CVE-2020-0022 – Android Bluetooth Remote Denial of Service
https://notcve.org/view.php?id=CVE-2020-0022
13 Feb 2020 — In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 En la función reassemble_and_dispatch del archivo packet_fragmenter.cc, es posible una escritura fuera de límites debido a un cálculo de... • https://packetstorm.news/files/id/156891 • CWE-682: Incorrect Calculation •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2019-5251
https://notcve.org/view.php?id=CVE-2019-5251
13 Dec 2019 — There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. Se presenta una vulnerabilidad de salto de ruta en varios teléfonos inteligentes Huawei. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •