CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1798
https://notcve.org/view.php?id=CVE-2020-1798
29 May 2020 — HUAWEI P30 smartphones with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. A logic error occurs when handling NFC work, an attacker should establish a NFC connection to the target phone, and then do a series of operations on the target phone. Successful exploit could allow a guest user do certain operation which is beyond the guest user's privilege. Los teléfonos inteligentes HUAWEI P30 con versiones anteriores a 10.1.0.135(C00E135R2P11), presentan una vulnerab... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-02-smartphone-en • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5303
https://notcve.org/view.php?id=CVE-2019-5303
27 Apr 2020 — There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5302
https://notcve.org/view.php?id=CVE-2019-5302
27 Apr 2020 — There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1800
https://notcve.org/view.php?id=CVE-2020-1800
26 Mar 2020 — HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P11) have an improper access control vulnerability. The software incorrectly restricts access to a function interface from an unauthorized actor, the attacker tricks the user into installing a crafted application, successful exploit could allow the attacker do certain unauthenticated operations. Los teléfonos inteligentes HUAWEI P30 con versiones anteriores a 10.0.0.185(C00E85R1P11), presentan una vulnerabilidad de control de acceso inapro... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200325-02-smartphone-en •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1812
https://notcve.org/view.php?id=CVE-2020-1812
18 Feb 2020 — HUAWEI P30 smartphones with versions earlier than 10.0.0.173(C00E73R1P11) have an improper authentication vulnerability. Due to improperly validation of certain application, an attacker should trick the user into installing a malicious application to exploit this vulnerability. Successful exploit could allow the attacker to bypass the authentication to perform unauthorized operations. Los teléfonos inteligentes HUAWEI P30 con versiones anteriores a 10.0.0.173(C00E73R1P11), presentan una vulnerabilidad de au... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200120-01-smartphone-en • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 46EXPL: 9CVE-2020-0022 – Android Bluetooth Remote Denial of Service
https://notcve.org/view.php?id=CVE-2020-0022
13 Feb 2020 — In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 En la función reassemble_and_dispatch del archivo packet_fragmenter.cc, es posible una escritura fuera de límites debido a un cálculo de... • https://packetstorm.news/files/id/156891 • CWE-682: Incorrect Calculation •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19441
https://notcve.org/view.php?id=CVE-2019-19441
03 Jan 2020 — HUAWEI P30 smart phones with versions earlier than 10.0.0.166(C00E66R1P11) have an information leak vulnerability. An attacker could send specific command in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause information leak. Los teléfonos inteligentes HUAWEI P30 con versiones anteriores a la versión 10.0.0.166 (C00E66R1P11), tienen una vulnerabilidad de filtrado de información. Un atacante podría enviar un comando específico en la red de área local (LAN) para exp... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-02-smartphone-en •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5265
https://notcve.org/view.php?id=CVE-2019-5265
23 Dec 2019 — Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage. La función Huawei Share en el teléfono inteligente P30 versión 9.1.0.193(C00E190R2P1), presenta una vulnerabilidad de control de acceso inapropiada. La función controla incorrectamente determinados mensajes de acceso, los atacan... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-01-share-en •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5266
https://notcve.org/view.php?id=CVE-2019-5266
23 Dec 2019 — Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled. La función Huawei Share en el teléfono inteligente P30 versión 9.1.0.193(C00E190R2P1), presenta una vulnerabilidad de comprobación de entrada insuficiente. Los atacantes pueden explotar esta vulnerabilidad mediante el envío de paquetes diseñados... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191218-02-share-en • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2019-5251
https://notcve.org/view.php?id=CVE-2019-5251
13 Dec 2019 — There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. Se presenta una vulnerabilidad de salto de ruta en varios teléfonos inteligentes Huawei. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-03-smartphone-en • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •