CVSS: 7.8EPSS: 0%CPEs: 100EXPL: 0CVE-2017-2692
https://notcve.org/view.php?id=CVE-2017-2692
22 Nov 2017 — The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170125-01-emui-en • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-2699
https://notcve.org/view.php?id=CVE-2017-2699
22 Nov 2017 — The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs containing malicious files and trick users into installing the theme packets, resulting in the execution of arbitrary code. Huawei Themes APP en versiones anteriores a la PLK-UL00C17B385; versiones anteriores a la CRR-L09C432B380 y versiones anteriores a la LYO-L... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170222-01-theme-en • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 100EXPL: 0CVE-2017-2693
https://notcve.org/view.php?id=CVE-2017-2693
22 Nov 2017 — ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR-CL00C92B172 and earlier ver... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170125-01-emui-en • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4421
https://notcve.org/view.php?id=CVE-2015-4421
19 Oct 2017 — The tzdriver module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users to gain privileges or cause a denial of service (memory corruption) via an unspecified input. El módulo tzdrive en smartphones Huawei Mate 7 (Mate7-TL10) en versiones anteriores a la V100R001CHNC00B126SP03 permite que usuarios locales obtengan privilegios o provoquen una denegación de servicio (corrupción de memoria) mediante una entrada no especificada. • http://www.securityfocus.com/bid/74742 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4422
https://notcve.org/view.php?id=CVE-2015-4422
19 Oct 2017 — The TEEOS module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users with root permissions to gain privileges or cause a denial of service (memory corruption) via a crafted application. El módulo TEEOS en smartphones Huawei Mate 7 (Mate7-TL10) en versiones anteriores a la V100R001CHNC00B126SP03 permite que usuarios locales con permisos root obtengan privilegios o provoquen una denegación de servicio (corrupción de memoria) mediante una entrada manipulada. • http://www.securityfocus.com/bid/74742 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 11EXPL: 2CVE-2015-8088 – Huawei Mate 7 - '/dev/hifi_misc' Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-8088
12 Jan 2016 — Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafte... • https://www.exploit-db.com/exploits/44306 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 11EXPL: 0CVE-2015-8337
https://notcve.org/view.php?id=CVE-2015-8337
12 Jan 2016 — The HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, GRA-UL10 before GRA-UL10C00B220 and Mate7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 allows remote attackers to cause a denial of service (invalid memory access and reboot) via unspecified vectors related to "inpu... • http://www.huawei.com/en/psirt/security-advisories/hw-465304 •