CVSS: 6.2EPSS: 0%CPEs: 10EXPL: 0CVE-2020-9119
https://notcve.org/view.php?id=CVE-2020-9119
24 Dec 2020 — There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion. Se presenta una vulnerabilidad de escalada de privilegios en algunos teléfonos inteligentes de Huawei debido a defectos de diseño. El atacante necesita contactar físicamente con el teléfono móvil y conseguir mayores privilegios, y ejecutar comand... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201202-01-smartphone-en •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1809
https://notcve.org/view.php?id=CVE-2020-1809
29 May 2020 — HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability. The attacker could wake up voice assistant then do a series of crafted voice operation, successful exploit could allow the attacker read certain files without unlock the phone leading to information disclosure. Los teléfonos inteligentes HUAWEI Mate 10 con versiones anteriores a la 10.0.0.143(C00E143R2P4), presentan una vulnerabilidad de divulgación de información. El atacante podría a... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-smartphone-en •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5303
https://notcve.org/view.php?id=CVE-2019-5303
27 Apr 2020 — There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 2 out of 2 vulnerabilities. Different than CVE-2020-5302. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 150EXPL: 0CVE-2019-5302
https://notcve.org/view.php?id=CVE-2019-5302
27 Apr 2020 — There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device abnormal. This is 1 out of 2 vulnerabilities. Different than CVE-2020-5303. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190814-01-mobile-en • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 24EXPL: 0CVE-2020-1785
https://notcve.org/view.php?id=CVE-2020-1785
03 Jan 2020 — Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of service vulnerability. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone. Los teléfonos inteligentes Mate 10 Pro; Honor V10; Honor 10; Nova 4, tiene una vulnerabilidad de denegación de servicio. El sistema no comprueba apropiadamente el estado de cierto módulo durante dete... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-03-smartphone-en •
CVSS: 4.6EPSS: 0%CPEs: 50EXPL: 0CVE-2019-5264
https://notcve.org/view.php?id=CVE-2019-5264
13 Dec 2019 — There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure. tiene una vulnerabilidad de divulgación de información en ciertos teléfonos inteligentes Huawei (Mate 10; Mate 10 Pro; Honor V10; Changxiang 7S; P-smart; C... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-smartphone-en •
CVSS: 8.1EPSS: 3%CPEs: 371EXPL: 1CVE-2019-9506 – Blutooth BR/EDR specification does not specify sufficient encryption key length and allows an attacker to influence key length negotiation
https://notcve.org/view.php?id=CVE-2019-9506
14 Aug 2019 — The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. La especificación de Bluetooth BR/EDR incluyendo versión 5.1, permite una longitud de clave de cifrado suficientemente baja y no impide que un atacante influya en la negociación d... • https://github.com/francozappa/knob • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5219
https://notcve.org/view.php?id=CVE-2019-5219
06 Jun 2019 — There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.181(C00E87R2P20T8). An attacker tricks the user into installing a malicious application, which makes multiple processes operate the same resource at the same time. Successful exploit could cause a denial of service condition. Se presenta una vulnerabilidad de doble liberación (double free) en ciertos controladores de teléfonos inteligentes Mate10 de Huawei versiones anteriores a ALP-AL0... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190130-01-smartphone-en • CWE-415: Double Free •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5305
https://notcve.org/view.php?id=CVE-2019-5305
06 Jun 2019 — The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash. El módulo de procesamiento de imágenes de algunas versiones de teléfonos inteligentes Mate 10 de Huawei anteriores a ALP-L29 9.0.0.159 (C185), presentan una vulnerabilidad de doble liberación de memoria... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190128-01-ivp-en • CWE-415: Double Free •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5214
https://notcve.org/view.php?id=CVE-2019-5214
06 Jun 2019 — There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause a denial of service condition. Se presenta una vulnerabilidad de uso de la memoria previamente liberada (use after free) en ciertos componentes del controlador en teléfonos inteligentes Ma... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190109-01-smartphone-en • CWE-416: Use After Free •