CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2020-9089
https://notcve.org/view.php?id=CVE-2020-9089
27 Dec 2024 — There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. (Vulnerability ID: HWPSIRT-2019-12141) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9089. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-09-smartphone-en • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2020-9081
https://notcve.org/view.php?id=CVE-2020-9081
27 Dec 2024 — There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9081. • https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200826-15-smartphone-en • CWE-285: Improper Authorization •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2021-22399
https://notcve.org/view.php?id=CVE-2021-22399
13 Jul 2021 — The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2021-22331
https://notcve.org/view.php?id=CVE-2021-22331
28 Apr 2021 — There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product versions include HUAWEI P30 versions earlier than 10.1.0.165(C01E165R2P11), 11.0.0.118(C635E2R1P3), 11.0.0.120(C00E120R2P5), 11.0.0.138(C10E4R5P3), 11.0.0.138(C185E4R7P3), 11.0.0.138(C432E8R2P3), 11.0.0.138(C461E4R3... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-js-en • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-22330
https://notcve.org/view.php?id=CVE-2021-22330
28 Apr 2021 — There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal. Se presenta una vulnerabilidad de escritura fuera de límites en el teléfono inteligente Huawei HUAWEI P30 versiones 9.1.0.131(C00E130R1P2... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-p30-en • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-22327
https://notcve.org/view.php?id=CVE-2021-22327
28 Apr 2021 — There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-smartphone-en • CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 14EXPL: 0CVE-2020-9203
https://notcve.org/view.php?id=CVE-2020-9203
13 Jan 2021 — There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience. Se presenta una vulnerabilidad de errores de administración de recursos en Huawei P30. Los atacantes locales construyen un mensaje de difusión para alguna aplicación, causando que esta aplicación envíe este mensaje de difusión y afecte la experiencia de uso del cliente. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-01-resourcemanagement-en • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 56EXPL: 0CVE-2020-9247
https://notcve.org/view.php?id=CVE-2020-9247
07 Dec 2020 — There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200729-03-smartphone-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-9263
https://notcve.org/view.php?id=CVE-2020-9263
19 Oct 2020 — HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with common privilege, successful exploit could cause code execution. HUAWEI Mate 30 versiones anteriores a 10.1.0.150(C00E136R5P3) y HUAWEI P30 versiones anterior a 10.1.0.160(C00E160R2P11),... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200701-07-smartphone-en • CWE-416: Use After Free •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-9106
https://notcve.org/view.php?id=CVE-2020-9106
12 Oct 2020 — HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure. Dispositivos HUAWEI P30 Pro versiones anteriores a 10.1.0.160(C00E160R2P8), presentan una vulnerabilidad de salto de ruta. El sistema no comprueba suficientemente determinado nombre de ruta, una explotación con éxito podría permitir al atacante acceder a arc... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200930-01-pathtraversal-en • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •