There is a race condition vulnerability on Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.156(C00E156R2P14T8), Honor 10 smartphones versions earlier than Columbia-AL10B 9.0.0.156(C00E156R1P20T8) and Honor Play smartphones versions earlier than Cornell-AL00A...
6.8AI Score
0.001EPSS
There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed....
5.5AI Score
0.001EPSS
There is Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions earlier than Emily-AL00A 9.0.0.167 (C00E81R1P21T8). When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can...
4.6CVSS
4.7AI Score
0.001EPSS
Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T8) have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during the reset process, the attacker can perform some special operations to bypass the FRP function and...
4.6CVSS
4.7AI Score
0.001EPSS
Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T8) have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during the reset process, the attacker can perform some special operations to bypass the FRP function and...
4.6CVSS
4.7AI Score
0.001EPSS
There is Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions earlier than Emily-AL00A 9.0.0.167 (C00E81R1P21T8). When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can...
4.6CVSS
4.7AI Score
0.001EPSS
There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected.....
6.5CVSS
6.3AI Score
0.002EPSS
There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected.....
6.5CVSS
6.4AI Score
0.002EPSS
There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected.....
6.5CVSS
6.3AI Score
0.002EPSS
Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T8) have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during the reset process, the attacker can perform some special operations to bypass the FRP function and...
4.6CVSS
4.7AI Score
0.001EPSS
There is Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions earlier than Emily-AL00A 9.0.0.167 (C00E81R1P21T8). When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can...
4.6CVSS
4.7AI Score
0.001EPSS
There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected.....
6.4AI Score
0.002EPSS
There is Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions earlier than Emily-AL00A 9.0.0.167 (C00E81R1P21T8). When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can...
4.7AI Score
0.001EPSS
There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a...
4.6CVSS
4.7AI Score
0.001EPSS
There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a...
4.6CVSS
4.7AI Score
0.001EPSS
There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a...
4.6CVSS
4.7AI Score
0.001EPSS
Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T8) have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during the reset process, the attacker can perform some special operations to bypass the FRP function and...
4.7AI Score
0.001EPSS
There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a...
4.7AI Score
0.001EPSS
Security News This Week: A Teen Waltzed Into Mar-a-Lago
Google's ad-blocking backlash, a privacy lawsuit against Apple, and more of the week's top security...
0.9AI Score
In August 2018, FireEye Threat Intelligence released a report exposing what we assessed to be an Iranian influence operation leveraging networks of inauthentic news sites and social media accounts aimed at audiences around the world. We identified inauthentic social media accounts posing as...
0.2AI Score
Snapchat Employees Reportedly Spied on Private Snaps
Baltimore ransomware, a Trump golf hack, and more of the week's top security...
1.2AI Score
Security Advisory - DoS Vulnerability in RTSP Module of Huawei Smart Phones
There is a DoS vulnerability in RTSP module of some Huawei smart phones. Remote attacker could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected phone abnormal, leading to a DoS condition. (Vulnerability ID:...
6.5CVSS
6.2AI Score
0.002EPSS
Security Advisory - MITM Vulnerability on Huawei Share
There is a man-in-the-middle(MITM) vulnerability on Huawei Share of certain smartphones. When users establish connection and transfer data through Huawei Share, an attacker could sniffer, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle...
6.8CVSS
6AI Score
0.001EPSS
Putin Will Put Russia Behind an Internet Curtain
Hacking big companies, building a better voting machine, and more security news this...
2.7AI Score
Hackers Found a Freaky New Way to Kill Your Car
Mueller report fallout, a biometrics database, and more of the week's top security...
1.8AI Score
Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones
There is Factory Reset Protection (FRP) bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can perform some operations to access the setting page. As a...
4.6CVSS
4.9AI Score
0.001EPSS
Trump’s Homeland Security Purge Worries Cybersecurity Experts
A leadership void at DHS means the White House is calling the shots where it wants to, cybersecurity experts warn, and other agencies can muscle in where it...
1.4AI Score
Facebook Won't Stop Being Sketchy, and More Security News This Week
Plus: Mar-a-Lago mishaps, Airbnb's creepy camera problem, tax-season phishing scams, and...
1.7AI Score
Google Play Store’s Malware Problem, and More Security News This Week
Plus, Russia cracks down on VPNs, Microsoft cracks down on Iranian hackers, and more of the week's top security...
3.1AI Score
openSUSE Security Update : the Linux Kernel (openSUSE-2019-597)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-5390 aka 'SegmentSmack': A remote attacker even with relatively low bandwidth could have caused lots of CPU usage by triggering the worst case scenario...
7.5CVSS
8.2AI Score
0.783EPSS
How Zello Became a Lifeline for Venezuelans Under Maduro
A dedicated community of Zello moderators uses the voice-chat app to bring news and coordinate aid amid the country's political and economic...
3AI Score
Kushner Used WhatsApp, a Very Bad Database Leak, and More Security News This Week
The president's daughter and son-in-law used private messaging against the rules, and more security news this...
0.3AI Score
Security Advisory - Signature Verification Bypass Vulnerability in Some Huawei Mobile Phones
Some Huawei mobile phones have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit.....
7.8CVSS
7.6AI Score
0.001EPSS
US Tracks Journalists, Chelsea Manning Goes to Jail, and More Security News This Week
A surprisingly common password, an NSA spy program winds down, and more security news this...
2AI Score
Security Advisory - FRP Bypass Vulnerability on Some Huawei Smartphones
Some Huawei phones have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during the reset process, the attacker can perform some special operations to bypass the FRP function and obtain the right to use the mobile phone....
4.6CVSS
4.9AI Score
0.001EPSS
Trump's North Korea Summit Inspires Spearphishing
Plus: cryptocurrency dust problems for #DeleteCoinbase, leaked financial watch lists, and more of the week's top security...
2.5AI Score
Security Advisory - FRP Bypass Vulnerability on Some Huawei Smartphones
There is a Factory Reset Protection (FRP) bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operation, As a result, the FRP function is bypassed and the attacker gains....
4.6CVSS
4.9AI Score
0.001EPSS
Security Advisory - Double Free Vulnerability on Bastet Module of Some Huawei Smartphones
There is a double free vulnerability on Bastet module of some Huawei smartphones. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution. (Vulnerability ID: HWPSIRT-2018-12500)...
7.8CVSS
7.5AI Score
0.001EPSS
Chinese Surveillance, Facebook Tracking, and More Security News This Week
3-D printed rifles, Iran missile hacking, and more of the week's top security...
1.3AI Score
Don’t Get Your Valentine an Internet-Connected Sex Toy
Mozilla expands its “Privacy Not Included” gift guide to the bedroom: It’s all sexy fun and games until someone hacks a WiFi-enabled butt...
1.2AI Score
Google Chrome announces plans to improve URL display, website identity
“Unreadable gobbledygook” is one way to describe URLs today as we know them, and Google has been attempting to redo their look for years. In their latest move to improve how Chrome—and of course, how the company hopes other browsers would follow suit—displays the URL in its omnibox (the address...
-0.7AI Score
Security Advisory - Authorization Bypass Vulnerability on Some Huawei Smartphone
Some Huawei smart phones have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This vulnerability can be exploited to perform operations beyond the scope...
6.4CVSS
6.2AI Score
0.001EPSS
Facebook Hires Up Three of Its Biggest Privacy Critics
Can a trio of privacy advocates effect change from within Facebook—or will they be stifled by corporate...
1.6AI Score
Security Advisory - Double Free Vulnerability on Smartphones
There is a double free vulnerability on certain driver of smartphones. An attacker tricks the user into installing a malicious application, which makes multiple processes to operate the same resource at the same time. Successful exploit could cause a denial of service condition. (Vulnerability ID:....
5.5CVSS
5.5AI Score
0.001EPSS
The image processing module of some Huawei smart phones has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash. (Vulnerability ID:...
5.5CVSS
5.4AI Score
0.001EPSS
A Six Flags Fingerprints Ruling, Supply Chain Hacks, and More Security News This Week
Google's elite security team, police scanner encryption, and more of the week's top security...
0.8AI Score
Carbon Black TAU & ThreatSight Analysis: GandCrab and Ursnif Campaign
Summary (Analysis conducted by Andrew Costis, Cathy Cramer, Emily Miner and Jared Myers.) The Carbon Black ThreatSight team observed an interesting campaign over the last month. ThreatSight worked with the Threat Analysis Unit (TAU) to research the campaign. This report is being released to help...
7.3AI Score
Security Advisory - FragmentSmack Vulnerability in Linux Kernel
There is a DoS vulnerability in the Linux Kernel versions 3.9+ known as a FragmentSmack attack. Remote attackers could send fragmented IPv4 or IPv6 packets to the affected device to trigger time and calculation reassembly algorithms that could consume excessive CPU resources, resulting in a DoS...
7.5CVSS
6.7AI Score
0.016EPSS
Security Advisory - Race Condition Vulnerability on Several Smartphones
There is a race condition vulnerability on certain driver of smartphone. An attacker tricks the user into installing a malicious application, which make multiple processes to operate the same variate at the same time. Successful exploit could cause execution of malicious code. (Vulnerability ID:...
7CVSS
6.6AI Score
0.001EPSS
Ring Security Cam Snooping, Location Tracking, and More Security News This Week
A German hack confession, unencrypted government sites, and more security news this...
7AI Score