Security Advisory - Use after Free Vulnerability in Huawei Product
There is a use after free vulnerability on Huawei smartphones. A module does not deal with specific message properly, which makes a function refer to memory after it has been freed. Attackers can exploit this vulnerability by running a crafted application with common privilege. This would...
5.5CVSS
5.5AI Score
0.001EPSS
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...
7.8CVSS
7.9AI Score
0.001EPSS
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...
7.8CVSS
7.9AI Score
0.001EPSS
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a...
7.8CVSS
7.9AI Score
0.001EPSS
Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in XFRM module. An authenticated, local attacker may perform a specific operation to exploit this vulnerability. Due to insufficient validation of the parameters, which may be exploited to cause information...
5.5CVSS
5.2AI Score
0.0004EPSS
Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in XFRM module. An authenticated, local attacker may perform a specific operation to exploit this vulnerability. Due to insufficient validation of the parameters, which may be exploited to cause information...
5.5CVSS
5.1AI Score
0.0004EPSS
Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in XFRM module. An authenticated, local attacker may perform a specific operation to exploit this vulnerability. Due to insufficient validation of the parameters, which may be exploited to cause information...
5.2AI Score
0.0004EPSS
openSUSE Security Update : the Linux Kernel (openSUSE-2020-1655)
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-25212: Fixed nfs getxattr kernel panic and memory overflow that could lead to crashes or privilege escalations (bsc#1176381). CVE-2020-14381: Fixed...
7.8CVSS
8.1AI Score
0.001EPSS
openSUSE Security Update : the Linux Kernel (openSUSE-2020-1586)
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-0404: In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local ...
7.8CVSS
8AI Score
EPSS
Security Advisory - Use-after-free Vulnerability in Some Huawei Smart Phone
There is a use-after-free (UAF) vulnerability in some Huawei smart phone. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and make information leak. (Vulnerability ID:...
6.7CVSS
6AI Score
0.0004EPSS
buro247.my Improper Access Control vulnerability OBB-1356280
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence....
0.1AI Score
Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0.0.163(C432),Versions earlier than...
5.5CVSS
5.4AI Score
0.0004EPSS
Security Advisory - Improper Authorization Vulnerability in some Huawei Smartphones
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. (Vulnerability ID: HWPSIRT-2019-12144) This vulnerability has....
6.1AI Score
EPSS