41 results (0.012 seconds)

CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0

The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11). La función Bluetooth de algunos smartphones de Huawei presenta una vulnerabilidad DoS. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210707-03-dos-en •

CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0

There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product versions include HUAWEI P30 versions earlier than 10.1.0.165(C01E165R2P11), 11.0.0.118(C635E2R1P3), 11.0.0.120(C00E120R2P5), 11.0.0.138(C10E4R5P3), 11.0.0.138(C185E4R7P3), 11.0.0.138(C432E8R2P3), 11.0.0.138(C461E4R3P3), 11.0.0.138(C605E4R1P3), and 11.0.0.138(C636E4R3P3). • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-js-en • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal. Se presenta una vulnerabilidad de escritura fuera de límites en el teléfono inteligente Huawei HUAWEI P30 versiones 9.1.0.131(C00E130R1P21) cuando se procesa un mensaje. Un atacante no autenticado puede explotar esta vulnerabilidad mediante el envío de un mensaje específico al dispositivo de destino. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-p30-en • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4). Se presenta una vulnerabilidad de escritura de memoria arbitraria en el teléfono inteligente Huawei cuando se procesa el análisis de archivos. Debido a una validación insuficiente de los archivos de entrada, una explotación con éxito podría causar que determinados servicios sean anormales. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210331-01-smartphone-en • CWE-787: Out-of-bounds Write •

CVSS: 3.3EPSS: 0%CPEs: 14EXPL: 0

There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience. Se presenta una vulnerabilidad de errores de administración de recursos en Huawei P30. Los atacantes locales construyen un mensaje de difusión para alguna aplicación, causando que esta aplicación envíe este mensaje de difusión y afecte la experiencia de uso del cliente. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20201230-01-resourcemanagement-en • CWE-400: Uncontrolled Resource Consumption •