There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....
5.3CVSS
4.6AI Score
0.001EPSS
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....
6.3AI Score
0.001EPSS
There are two denial of service vulnerabilities on some Huawei smartphones. An attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices. Due to insufficient input validation of two values when parsing the messages, successful exploit may cause device.....
4.4AI Score
0.001EPSS
Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. The software insufficiently validate the user's identity when a user wants to do certain operation. An attacker can trick user into installing a malicious application...
5.5CVSS
5.2AI Score
0.001EPSS
Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. The software insufficiently validate the user's identity when a user wants to do certain operation. An attacker can trick user into installing a malicious application...
5.5CVSS
5.2AI Score
0.001EPSS
Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. The software insufficiently validate the user's identity when a user wants to do certain operation. An attacker can trick user into installing a malicious application...
5.5CVSS
5.2AI Score
0.001EPSS
Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. The software insufficiently validate the user's identity when a user wants to do certain operation. An attacker can trick user into installing a malicious application...
5.3AI Score
0.001EPSS
Security Advisory - Improper Authentication Vulnerability in Several Smartphones
There is an improper authentication vulnerability in several smartphones. Certain function interface in the system does not sufficiently validate the caller's identity in certain share scenario, successful exploit could cause information disclosure. (Vulnerability ID: HWPSIRT-2020-01073) This...
5.5CVSS
5.3AI Score
0.001EPSS
3esafety.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1132801 Security Researcher geeknik Helped patch 8908 vulnerabilities Received 8 Coordinated Disclosure badges Received 21 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting 3esafety.com website and...
0.2AI Score
archersgear.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1131411 Security Researcher DakkarKey Helped patch 407 vulnerabilities Received 6 Coordinated Disclosure badges Received 14 recommendations , a holder of 6 badges for responsible and coordinated disclosure, found a security vulnerability affecting archersgear.com website...
0.2AI Score
Welcoming a more diverse workforce into cybersecurity: expanding the pipeline
Despite much focus on increasing the number of women in cybersecurity, as an industry we are still falling short. For many companies the problem starts with the tech pipeline—there just aren’t enough resumes from qualified female candidates. But I think the real problem is that our definition of...
-0.7AI Score
tri-lakesrv.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1129382 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
0.7AI Score
alp-bnb.ch Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1126310 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting alp-bnb.ch website and...
0.1AI Score
Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203(C00E201R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the...
5.5CVSS
5.3AI Score
0.0004EPSS
Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203(C00E201R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the...
5.5CVSS
5.3AI Score
0.0004EPSS
Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203(C00E201R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the...
5.5CVSS
5.3AI Score
0.0004EPSS
Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203(C00E201R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the...
5.3AI Score
0.0004EPSS
Security Advisory - Use-after-free Vulnerability in Some Huawei Smart Phone
There is a use-after-free (UAF) vulnerability in some Huawei smart phone. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the availability. (Vulnerability ID: HWPSIRT-2019-12405) This.....
5.5CVSS
5.2AI Score
0.0004EPSS
dienthoaivivo.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1123170 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting dienthoaivivo.com website.....
0.1AI Score
Security Advisory - Improper Authentication Vulnerability in Several Smartphones
There is an improper authentication vulnerability in several smartphones. The applock does not perform a sufficient authentication in certain scenarios, successful exploit could allow the attacker to gain certain data of the application which is locked. (Vulnerability ID: HWPSIRT-2019-12128 and...
4.6CVSS
5.7AI Score
0.001EPSS
Security Advisory - Information Leakage Vulnerability in Motion Sensor
Motion sensor in some Huawei smart phones has an information leakage vulnerability. An attacker may exploit this vulnerability to obtain specific information from the motion sensor through an APP installed on the smart phone and track the user. Successful exploit may cause information leak....
3.3CVSS
6.3AI Score
0.0004EPSS
remodelingtips.org Cross Site Scripting vulnerability
Security Researcher geeknik Helped patch 8544 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting remodelingtips.org website and its users. Following...
0.2AI Score
feriasbrasil.com.br Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1093642 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
AI Score
Security Advisory - Improper Authorization Vulnerability in Several Huawei Smart Phones
Some Huawei mobile phones have an improper authorization vulnerability. Due to improper authorization of some function, attackers can bypass the authorization to perform some operations. (Vulnerability ID: HWPSIRT-2019-08002) This vulnerability has been assigned a Common Vulnerabilities and...
4.6CVSS
5.1AI Score
0.001EPSS
Security Advisory - FragmentSmack Vulnerability in Linux Kernel
Products Switches Routers WLAN Storage See All Solutions Cloud Data Center Enterprise Networking Intelligent Computing Solutions by Industry See All Services Training and Certification Industry Cloud Enablement Service Improvement Service Customer Support Service See All Partner Find a Partner...
7.5CVSS
1.8AI Score
0.016EPSS
Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones
There is a Factory Reset Protection (FRP) bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. As.....
4.6CVSS
5AI Score
0.001EPSS
Security Advisory - Page-Cache Side-Channel Vulnerability
There is a vlunerability in the mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13. An attacker could exploit this vulnerability to conduct a page-cache side-channel attack, allowing the attacker to view page-cache access patterns of other processes on the system. A...
5.5CVSS
6.4AI Score
0.0004EPSS
vandamrhenen.nl Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1062228 Security Researcher Hackerclaus Helped patch 69 vulnerabilities Received 3 Coordinated Disclosure badges Received 1 recommendations , a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting vandamrhenen.nl website...
0.1AI Score
samuraibuyer.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1059840 Security Researcher passc0de Helped patch 22 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting samuraibuyer.com website and its users. Following...
0.3AI Score
Security Advisory - Denial of Service Vulnerability in Several Smartphones
There is a denial of service vulnerability in several smartphones. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone....
5.5CVSS
5.3AI Score
0.001EPSS
Security Advisory - Integer Overflow Vulnerability in the Linux Kernel (SACK Panic)
An integer overflow vulnerability was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. A remote attacker could use this to cause a denial of service. (Vulnerability ID: HWPSIRT-2019-06130) This vulnerability has been assigned a Common....
7.5CVSS
1.7AI Score
0.972EPSS
Security Advisory - Insufficient Input Validation Vulnerability in Some Huawei Products
There is an insufficient input validation vulnerability in some Huawei products. Due to incorrect input validation logic, a high-privilege attacker should bypass the device security detection mechanism, then modify the memory of the device by doing a series of operations. Successful exploit may...
9.8CVSS
8.9AI Score
0.002EPSS
agorasecuritestrasbourg.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1048875 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
0.7AI Score
Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone...
8.8CVSS
8.8AI Score
0.001EPSS
Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone...
8.8CVSS
8.6AI Score
0.001EPSS
Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone...
8.8CVSS
8.7AI Score
0.001EPSS
Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C00E220R2P1) have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone...
8.8AI Score
0.001EPSS
estory.io Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1047377 Security Researcher devl00p Helped patch 2581 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting estory.io website and...
0.1AI Score
torrentz2eu.in Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1045566 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
-0.2AI Score
gear4music.se Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1043779 Security Researcher metamorfosec Helped patch 1963 vulnerabilities Received 9 Coordinated Disclosure badges Received 31 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting gear4music.se website.....
0.3AI Score
Security Advisory - Buffer Overflow Vulnerability in Some Huawei Smart Phones
There is a buffer overflow vulnerability in some Huawei smart phones. An attacker may intercept and tamper with the packet in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. (Vulnerability ID: HWPSIRT-2019-09447) This...
8.8CVSS
8.2AI Score
0.001EPSS
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be...
5.3CVSS
5.2AI Score
0.001EPSS
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be...
5.3CVSS
5.2AI Score
0.001EPSS
Security Advisory - Information Disclosure Vulnerability in Several Smartphones
There is an information disclosure vulnerability in certain Huawei smartphones. The software does not properly handle certain information of application locked by applock in a rare condition, successful exploit could cause information disclosure. (Vulnerability ID: HWPSIRT-2018-08142) This...
4.6CVSS
4.4AI Score
0.001EPSS
Security Advisory - Denial of Service Vulnerability on Some Huawei Smartphones
There is a denial of service vulnerability on some Huawei smartphones. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vulnerability....
6.5CVSS
6.1AI Score
0.001EPSS
-0.6AI Score
7.4AI Score
-0.3AI Score
Security Advisory - Improper Authentication Vulnerability in Smartphones
There is an improper authentication vulnerability in smartphones. The applock does not perform a sufficient authentication in a rare condition, successful exploit could allow the attacker to use the application locked by applock in an instant. (Vulnerability ID: HWPSIRT-2019-04103) This...
3.5CVSS
4.7AI Score
0.001EPSS
Security Advisory - Path Traversal Vulnerability in Several Smartphones
There is a path traversal vulnerability in several smartphones. The system does not sufficiently validate certain pathname from the application, an attacker should trick the user into installing, backing up and restoring a malicious application, successful exploit could cause information...
5.5CVSS
5.1AI Score
0.001EPSS