Lucene search

K

ALP-AL00B, ALP-AL00B-RSC, BLA-TL00B, Charlotte-AL00A, Emily-AL00A, Security Vulnerabilities

packetstorm

0.5AI Score

2019-09-03 12:00 AM
296
packetstorm

0.3AI Score

2019-09-03 12:00 AM
269
packetstorm

0.5AI Score

2019-09-03 12:00 AM
231
packetstorm

0.4AI Score

2019-09-03 12:00 AM
280
packetstorm

1.1AI Score

0.945EPSS

2019-08-28 12:00 AM
208
huawei
huawei

Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability

The KNOB (Key Negotiation of Bluetooth) vulnerability exists in the encryption key negotiation process between two Bluetooth BR/EDR devices. The negotiation process is not encrypted and no authentication is performed. An unauthenticated, adjacent attacker can initiate a man-in-the-middle attack to....

8.1CVSS

8.4AI Score

0.001EPSS

2019-08-28 12:00 AM
100
exploitpack
exploitpack

Cisco UCS Director_ Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities

Cisco UCS Director_ Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple...

9.8CVSS

0.4AI Score

0.945EPSS

2019-08-21 12:00 AM
38
huawei
huawei

Security Advisory - Null Pointer Reference Vulnerability in Some Huawei Smart Phones

There is a null pointer reference vulnerability in some Huawei smart phones. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. (Vulnerability ID: HWPSIRT-2019-05097) This vulnerability....

5.3CVSS

5.3AI Score

0.001EPSS

2019-08-21 12:00 AM
44
huawei
huawei

Security Advisory - Out of Bounds Read Vulnerability on Several Smartphones

There is an out of bounds read vulnerability on several smartphones, the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause out of bounds read and...

5.5CVSS

5AI Score

0.001EPSS

2019-08-21 12:00 AM
33
huawei
huawei

Security Advisory - Buffer Overflow Vulnerability on Several Smartphones

There is a buffer overflow vulnerability on several smartphones, the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution....

7.8CVSS

7.8AI Score

0.001EPSS

2019-08-21 12:00 AM
37
cve
cve

CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary...

8.1CVSS

8.8AI Score

0.001EPSS

2019-08-14 05:15 PM
402
3
prion
prion

Code injection

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary...

8.1CVSS

8.5AI Score

0.001EPSS

2019-08-14 05:15 PM
14
huawei
huawei

Two Denial of Service Vulnerabilities on Some Huawei Smartphones

There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause an...

5.3CVSS

5.7AI Score

0.001EPSS

2019-08-14 12:00 AM
64
cve
cve

CVE-2019-5299

Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific...

7.8CVSS

7.7AI Score

0.001EPSS

2019-08-13 09:15 PM
25
nvd
nvd

CVE-2019-5236

Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user to click a URL to exploit this vulnerability....

6.3CVSS

6.3AI Score

0.001EPSS

2019-08-08 05:15 PM
cve
cve

CVE-2019-5236

Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user to click a URL to exploit this vulnerability....

6.3CVSS

6.2AI Score

0.001EPSS

2019-08-08 05:15 PM
25
prion
prion

Double free

Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user to click a URL to exploit this vulnerability....

6.3CVSS

6.2AI Score

0.001EPSS

2019-08-08 05:15 PM
1
cvelist
cvelist

CVE-2019-5236

Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user to click a URL to exploit this vulnerability....

6.3AI Score

0.001EPSS

2019-08-08 04:26 PM
atlassian
atlassian

Macro browser breaks https secure connection

h3. Issue Summary Macro browser loads http insecure resources including a data:image/png and a testing mocking resource [http://example.com/bla-bla-bla] h3. Environment (Optional - If Applicable) * * h3. Steps to Reproduce # Create a page # Open macro browser h3. Expected Results Connection...

-0.1AI Score

2019-08-01 04:01 AM
87
wired
wired

Browser Extensions Scraped Data From Millions of People

Slack passwords, NSO spyware, and more of the week's top security...

1.7AI Score

2019-07-20 01:00 PM
96
nvd
nvd

CVE-2019-5222

There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user to install a malicious application and...

5.5CVSS

5AI Score

0.001EPSS

2019-07-17 10:15 PM
cve
cve

CVE-2019-5222

There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user to install a malicious application and...

5.5CVSS

5AI Score

0.001EPSS

2019-07-17 10:15 PM
19
prion
prion

Information disclosure

There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user to install a malicious application and...

5.5CVSS

5AI Score

0.001EPSS

2019-07-17 10:15 PM
3
cvelist
cvelist

CVE-2019-5222

There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user to install a malicious application and...

5AI Score

0.001EPSS

2019-07-17 09:38 PM
huawei
huawei

Security Advisory - Information Disclosure Vulnerability on Secure Input

There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones. The Secure Input does not properly limit certain system privilege, an attacker tricks the user to install a malicious application, successful exploit could result in information disclosure....

5.5CVSS

4.8AI Score

0.001EPSS

2019-07-17 12:00 AM
200
wired
wired

Palantir Manual Shows How Law Enforcement Tracks Families

An Apple Watch bug, a hackable hair straightener, and more security news this...

1AI Score

2019-07-13 01:00 PM
155
nvd
nvd

CVE-2019-5220

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected...

4.6CVSS

4.7AI Score

0.001EPSS

2019-07-10 06:15 PM
1
cve
cve

CVE-2019-5220

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected...

4.6CVSS

4.7AI Score

0.001EPSS

2019-07-10 06:15 PM
110
prion
prion

Design/Logic Flaw

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected...

4.6CVSS

4.7AI Score

0.001EPSS

2019-07-10 06:15 PM
4
cvelist
cvelist

CVE-2019-5220

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected...

4.7AI Score

0.001EPSS

2019-07-10 05:38 PM
huawei
huawei

Security Advisory - FRP Bypass Vulnerability on Several Smartphones

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection....

4.6CVSS

4.9AI Score

0.001EPSS

2019-06-26 12:00 AM
168
wired
wired

Hackers Used Two Firefox Zero Days to Hit a Crypto Exchange

A ransomware haul, a border security leak, and more of the week's top security...

7AI Score

2019-06-22 01:00 PM
170
wired
wired

Security News This Week: Telegram Says China Is Behind DDoS

Voting machine security gets a boost, Have I Been Pwned is for sale, and more of the week's top security...

7AI Score

2019-06-15 01:00 PM
174
cve
cve

CVE-2019-5305

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

5.5CVSS

5.5AI Score

0.001EPSS

2019-06-06 03:29 PM
48
cve
cve

CVE-2019-5216

There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A...

7CVSS

6.8AI Score

0.001EPSS

2019-06-06 03:29 PM
53
nvd
nvd

CVE-2019-5214

There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed....

5.5CVSS

5.5AI Score

0.001EPSS

2019-06-06 03:29 PM
nvd
nvd

CVE-2019-5216

There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A...

7CVSS

6.8AI Score

0.001EPSS

2019-06-06 03:29 PM
1
nvd
nvd

CVE-2019-5305

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

5.5CVSS

5.5AI Score

0.001EPSS

2019-06-06 03:29 PM
cve
cve

CVE-2019-5214

There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed....

5.5CVSS

5.5AI Score

0.001EPSS

2019-06-06 03:29 PM
43
nvd
nvd

CVE-2019-5219

There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.181(C00E87R2P20T8). An attacker tricks the user into installing a malicious application, which makes multiple processes operate the same resource at the same time. Successful.....

5.5CVSS

5.5AI Score

0.001EPSS

2019-06-06 03:29 PM
cve
cve

CVE-2019-5219

There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.181(C00E87R2P20T8). An attacker tricks the user into installing a malicious application, which makes multiple processes operate the same resource at the same time. Successful.....

5.5CVSS

5.5AI Score

0.001EPSS

2019-06-06 03:29 PM
62
prion
prion

Double free

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

5.5CVSS

5.5AI Score

0.001EPSS

2019-06-06 03:29 PM
6
prion
prion

Design/Logic Flaw

There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed....

5.5CVSS

5.5AI Score

0.001EPSS

2019-06-06 03:29 PM
6
prion
prion

Race condition

There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A...

7CVSS

6.7AI Score

0.001EPSS

2019-06-06 03:29 PM
4
prion
prion

Double free

There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.181(C00E87R2P20T8). An attacker tricks the user into installing a malicious application, which makes multiple processes operate the same resource at the same time. Successful.....

5.5CVSS

5.4AI Score

0.001EPSS

2019-06-06 03:29 PM
3
cvelist
cvelist

CVE-2019-5219

There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.181(C00E87R2P20T8). An attacker tricks the user into installing a malicious application, which makes multiple processes operate the same resource at the same time. Successful.....

5.5AI Score

0.001EPSS

2019-06-06 02:41 PM
cvelist
cvelist

CVE-2019-5305

The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a...

5.5AI Score

0.001EPSS

2019-06-06 02:35 PM
Total number of security vulnerabilities2152