CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2021-22400
https://notcve.org/view.php?id=CVE-2021-22400
03 Aug 2021 — Some Huawei Smartphones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected product include:OxfordS-AN00A 10.0.1.10(C00E10R1P1),10.0.1.105(C00E103R3P3),10.0.1.115(C00E110R3P3),10.0.1.123(C00E121R3P3),10.0.1.135(C00E130R3P3),10.0.1.135(C00E130R4P1),10.0.1.152(C00E140R4P1),10.0.1.160(C00E160R4P1),10.0.1.167(C00E166R4P1),10.0.1.173(C... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210721-01-phones-en • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 21EXPL: 0CVE-2021-22440
https://notcve.org/view.php?id=CVE-2021-22440
13 Jul 2021 — There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename. Affected product versions include:HUAWEI Mate 20 9.0.0.195(C... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210630-01-pathtraversal-en • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0CVE-2020-9235
https://notcve.org/view.php?id=CVE-2020-9235
03 Sep 2020 — Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200902-07-smartphone-en • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-1878
https://notcve.org/view.php?id=CVE-2020-1878
20 Mar 2020 — Huawei smartphone OxfordS-AN00A with versions earlier than 10.0.1.152D(C735E152R3P3),versions earlier than 10.0.1.160(C00E160R4P1) have an improper authentication vulnerability. Authentication to target component is improper when device performs an operation. Attackers exploit this vulnerability to obtain some information by loading malicious application, leading to information leak. El teléfono inteligente Huawei OxfordS-AN00A con versiones anteriores a 10.0.1.152D(C735E152R3P3), versiones anteriores a 10.... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200415-02-dos-en • CWE-287: Improper Authentication •