CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9255
https://notcve.org/view.php?id=CVE-2020-9255
17 Jul 2020 — Huawei Honor 10 smartphones with versions earlier than 10.0.0.178(C00E178R1P4) have a denial of service vulnerability. Certain service in the system does not sufficiently validate certain parameter which is received, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of service condition. Los teléfonos inteligentes Huawei Honor 10 con versiones anteriores a 10.0.0.178(C00E178R1P4), presentan una vulnerabilidad de denegación de servicio. Determ... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-06-smartphone-en • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 122EXPL: 0CVE-2019-19412
https://notcve.org/view.php?id=CVE-2019-19412
08 Jun 2020 — Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en. Algunos teléfonos inteligentes Huawei presentan una vulnerabilidad de seguridad que omite la Factory Reset Protec... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en •
CVSS: 6.5EPSS: 0%CPEs: 38EXPL: 0CVE-2020-9069
https://notcve.org/view.php?id=CVE-2020-9069
21 May 2020 — There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Affected product versions include: Anne-AL00 Versions earlier than 9.1.0.331(C675E9R1P3T8); Berkeley-L09 Versions earlier than 10.0.1.1(C675R1); CD16-10 Versions earlier than 10.0.2.8; CD17-10 Versions earlier than 10.0.2.8; CD17-16 Versions earlier than 10.0.2.8; CD18-10 Versions earlier than 10.... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200520-01-leakage-en •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5303
https://notcve.org/view.php?id=CVE-2019-5303
27 Apr 2020 — There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5302
https://notcve.org/view.php?id=CVE-2019-5302
27 Apr 2020 — There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 24EXPL: 0CVE-2020-1785
https://notcve.org/view.php?id=CVE-2020-1785
03 Jan 2020 — Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of service vulnerability. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone. Los teléfonos inteligentes Mate 10 Pro; Honor V10; Honor 10; Nova 4, tiene una vulnerabilidad de denegación de servicio. El sistema no comprueba apropiadamente el estado de cierto módulo durante dete... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-03-smartphone-en •
CVSS: 4.6EPSS: 0%CPEs: 50EXPL: 0CVE-2019-5264
https://notcve.org/view.php?id=CVE-2019-5264
13 Dec 2019 — There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure. tiene una vulnerabilidad de divulgación de información en ciertos teléfonos inteligentes Huawei (Mate 10; Mate 10 Pro; Honor V10; Changxiang 7S; P-smart; C... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en •
CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-5292
https://notcve.org/view.php?id=CVE-2019-5292
13 Nov 2019 — Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information. Los teléfonos móviles Huawei Honor 10 Lite, Honor 8A, Y6 con las versiones anteriores a la versión 9.1.0.217(C00E215R3P1), las versiones ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-phone-en •
CVSS: 8.1EPSS: 3%CPEs: 371EXPL: 1CVE-2019-9506 – Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation
https://notcve.org/view.php?id=CVE-2019-9506
14 Aug 2019 — The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. La especificación de Bluetooth BR/EDR incluyendo versión 5.1, permite una longitud de clave de cifrado suficientemente baja y no impide que un atacante influya en la negociación d... • https://github.com/francozappa/knob • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5295
https://notcve.org/view.php?id=CVE-2019-5295
06 Jun 2019 — Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.125(C00E125R2P14T8) have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This vulnerability can be exploited to perform operations beyond the scope of authorization. Los teléfonos inteligentes Honor V10 de Huawei versiones anteriores a Berkeley-AL20 9.0.0.125 (C00E125R2P14T8), presentan una vulne... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190131-01-phone-en •