CVSS: 9.3EPSS: 0%CPEs: 20EXPL: 0CVE-2017-2729
https://notcve.org/view.php?id=CVE-2017-2729
22 Nov 2017 — The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system reboot, causing continuous system reboot or arbitrary code execution. Los cargadores de arranque en smartphones Honor 5... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170302-01-smartphone-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2698
https://notcve.org/view.php?id=CVE-2017-2698
22 Nov 2017 — The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege. El controlador ddr_devfreq en versiones anteriores a la GRA-UL00C00B197 tiene una vulnerabilidad de desbordamiento de búfer. Un atacante con el privilegio root del sistema Android puede engañar ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-04-smartphone-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 100EXPL: 0CVE-2017-2692
https://notcve.org/view.php?id=CVE-2017-2692
22 Nov 2017 — The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170125-01-emui-en • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 100EXPL: 0CVE-2017-2693
https://notcve.org/view.php?id=CVE-2017-2693
22 Nov 2017 — ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and earlier versions,ALE-TL00C01B250 and earlier versions,ALE-UL00C00B250 and earlier versions,MT7-L09C605B325 and earlier versions,MT7-L09C900B339 and earlier versions,MT7-TL10C900B339 and earlier versions,CRR-CL00C92B172 and earlier ver... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170125-01-emui-en • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.3EPSS: 0%CPEs: 26EXPL: 0CVE-2017-8150
https://notcve.org/view.php?id=CVE-2017-8150
22 Nov 2017 — The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause arbitrary memory writing in the next system reboot, causing continuous system re... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-02-smartphone-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8224
https://notcve.org/view.php?id=CVE-2015-8224
20 Sep 2017 — Huawei P8 before GRA-CL00C92B210, before GRA-L09C432B200, before GRA-TL00C01B210, and before GRA-UL00C00B210 allows remote attackers to obtain user equipment (aka UE) measurements of signal strengths. Huawei P8 en versiones anteriores a GRA-CL00C92B210, GRA-L09C432B200, GRA-TL00C01B210 y GRA-UL00C00B210 permite que los atacantes remotos obtengan las mediciones de fuerza del equipo de usuario (UE). • http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-459832.htm • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2015-8223
https://notcve.org/view.php?id=CVE-2015-8223
13 Apr 2017 — Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via crafted input to the camera driver. Huawei P7 en versiones anteriores a P7-L00C17B851, P7-L05C00B851 y P7-L09C92B85, y P8 ALE-UL00 en versiones anteriores a ALE-UL00B211 permite a los usuarios locales para provocar una denegación de servicio (caída OS) mediante el aprovechamiento de los permisos de la cámara y... • http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-460489.htm • CWE-275: Permission Issues •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2015-7740
https://notcve.org/view.php?id=CVE-2015-7740
13 Apr 2017 — Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) via vectors involving an application that passes crafted input to the GPU driver. Huawei P7 en versiones anteriores a P7-L00C17B851, y P7-L09C92B851 y P8 ALE-UL00 en versiones anteriores a ALE-UL00B211 permite a los usuarios locales para provocar una denegación de servicio (caída OS) a través de vectores que implican una aplicación que pasa la entrad... • http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-460486.htm • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2016-8764
https://notcve.org/view.php?id=CVE-2016-8764
02 Apr 2017 — The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an input validation vulnerability, which allows attackers to read and write user-mode memory data anywhere in the TrustZone driver. El controlador TrustZone en teléfonos Huawei P9 con versiones de software anteriores a EVA-AL10C00B352 y P9 Lite con software VNS-L21C185B130 y versiones ant... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161123-01-smartphone-en • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2016-8791
https://notcve.org/view.php?id=CVE-2016-8791
02 Apr 2017 — Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161116-01-smartphone-en • CWE-284: Improper Access Control •