CVSS: 6.3EPSS: 0%CPEs: 62EXPL: 0CVE-2017-17171
https://notcve.org/view.php?id=CVE-2017-17171
01 Jun 2018 — Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart. Algunos smartphones Huawei tienen una vulnerabilidad de denegación de servicio (DoS) debido al procesamiento inco... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180530-01-smartphone • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-17319
https://notcve.org/view.php?id=CVE-2017-17319
20 Mar 2018 — Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 have an information disclosure vulnerability. The software does not properly protect certain resource which can be accessed by multithreading. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in kernel information disclosure. Los smartphones Huawei P9 con software en versiones anteriores a EVA-AL10C00B399SP02 tienen una vulnerabilidad de divulgación de información. El softwa... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180314-01-smartphone-en • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0CVE-2017-2713
https://notcve.org/view.php?id=CVE-2017-2713
22 Nov 2017 — HUAWEI P9 smartphones with software versions earlier before EVA-L09C432B383, versions earlier before EVA-L09C636B380, versions earlier before VIE-L09C432B370, versions earlier before VIE-L29C636B370 have an insufficient input validation vulnerability. An attacker could exploit this vulnerability to tamper with air interface signaling messages and obtain some communication information. Los smartphones Huawei P9 con versiones de software anteriores a la EVA-AL00C00B365, anteriores a la EVA-L09C636B380, anteri... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-smartphone-en • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 10EXPL: 0CVE-2017-2727
https://notcve.org/view.php?id=CVE-2017-2727
22 Nov 2017 — Huawei P9 smart phones with software versions earlier before EVA-AL00C00B365, versions earlier before EVA-AL10C00B365,Versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a privilege escalation vulnerability. An unauthenticated attacker can bypass phone activation to user management page of the phone and create a new user. Successful exploit could allow the attacker operate part function of the phone. Los smartphones Huawei P9 con ver... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170209-01-smartphone-en •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2017-2691
https://notcve.org/view.php?id=CVE-2017-2691
22 Nov 2017 — Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot mode and delete the user's password file during the reboot process, then login the phone without screen lock password after reboot. Huawei P9 en versiones anteriores a la EVA-AL10C00B373, anteriores a la EVA-CL00C92B373, anteriores ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-01-smartphone-en •
CVSS: 7.2EPSS: 0%CPEs: 16EXPL: 0CVE-2017-2703
https://notcve.org/view.php?id=CVE-2017-2703
22 Nov 2017 — Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System Setting. Puede eludirse Phone Finder en versiones anteriores a la MHA-AL00BC00B... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-05-smartphone-en •
CVSS: 2.4EPSS: 0%CPEs: 10EXPL: 0CVE-2017-2705
https://notcve.org/view.php?id=CVE-2017-2705
22 Nov 2017 — Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass vulnerability. Successful exploit could allow an unauthenticated attacker to bypass phone activation to settings page of the phone. Los smartphones Huawei P9 con versiones de software anteriores a la EVA-AL10C00B365, anteriores a la EVA-AL00... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-02-smartphone-en •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8148
https://notcve.org/view.php?id=CVE-2017-8148
22 Nov 2017 — Audio driver in P9 smartphones with software The versions before EVA-AL10C00B389 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the race condition cause null pointer accessing during the application access shared resource, which make the system reboot. El controlador de audio en los smartphones P9 con versiones de software anteriores a EVA-AL10C00B389 tiene una vulnerabilidad de denegación de servicio (DoS). Un atacante ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-smartphone-en • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 0%CPEs: 26EXPL: 0CVE-2017-8150
https://notcve.org/view.php?id=CVE-2017-8150
22 Nov 2017 — The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause arbitrary memory writing in the next system reboot, causing continuous system re... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170816-02-smartphone-en • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 44EXPL: 0CVE-2017-8214
https://notcve.org/view.php?id=CVE-2017-8214
22 Nov 2017 — Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B1... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170807-01-smartphone-en • CWE-287: Improper Authentication •