Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones
There is Factory Reset Protection (FRP) bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Gaode Map and can perform some operations to update the Google.....
4.6CVSS
4.9AI Score
0.001EPSS
16-Year-Old Teen Hacked Apple Servers, Stole 90GB of Secure Files
Well, there's something quite embarrassing for Apple fans. Though Apple servers are widely believed to be unhackable, a 16-year-old high school student proved that nothing is impossible. The teenager from Melbourne, Australia, managed to break into Apple servers and downloaded some 90GB of...
AI Score
HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause...
7.8CVSS
7.7AI Score
0.001EPSS
Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location...
3.3CVSS
4AI Score
0.0004EPSS
HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause...
7.8CVSS
7.8AI Score
0.001EPSS
Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location...
3.3CVSS
3.8AI Score
0.0004EPSS
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific....
3.9CVSS
4.4AI Score
0.0004EPSS
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific....
3.9CVSS
4.3AI Score
0.0004EPSS
Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location...
3.3CVSS
3.8AI Score
0.0004EPSS
HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause...
7.8CVSS
7.7AI Score
0.001EPSS
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific....
3.9CVSS
4.3AI Score
0.0004EPSS
HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause...
7.8AI Score
0.001EPSS
Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific....
4.3AI Score
0.0004EPSS
Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location...
3.8AI Score
0.0004EPSS
Security Advisory - Authentication Bypass Vulnerability in Some Huawei Mobile Phones
There is an authentication bypass vulnerability in some Huawei mobile phones. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some....
3.9CVSS
4.7AI Score
0.0004EPSS
Security Advisory - Use After Free Vulnerability on Smartphone
There is a use after free vulnerability on mediaserver component in smartphone. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause execution of arbitrary code. (Vulnerability ID:...
7.8CVSS
7.6AI Score
0.001EPSS
Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to...
6.8CVSS
6.5AI Score
0.001EPSS
Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to...
6.8CVSS
6.5AI Score
0.001EPSS
Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to...
6.8CVSS
6.5AI Score
0.001EPSS
Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to...
6.5AI Score
0.001EPSS
Security Advisory - Information Leakage Vulnerability on Huawei Smart Phone
There is an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location additionally. (Vulnerability ID: HWPSIRT-2018-03117) This vulnerability has been assigned.....
3.3CVSS
4.1AI Score
0.0004EPSS
Security Advisory - FRP Bypass Vulnerability in Some Huawei Smart Phones
There is Factory Reset Protection (FRP) bypass vulnerability in some Huawei smart phones. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP function and use the phone normally....
6.8CVSS
6.4AI Score
0.001EPSS
Threat Outbreak Alert RuleID32929: Email Messages Distributing Malicious Software on June 11, 2018
Medium Alert ID: 58146 First Published: 2018 June 11 21:02 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID32929) may contain the following...
0.5AI Score
Some Huawei smart phones with the versions before Berlin-L21HNC185B381; the versions before Prague-AL00AC00B223; the versions before Prague-AL00BC00B223; the versions before Prague-AL00CC00B223; the versions before Prague-L31C432B208; the versions before Prague-TL00AC01B223; the versions before...
4.6CVSS
4.7AI Score
0.001EPSS
Security Advisory - Information Exposure Vulnerability in Some Smart Phones
There is an information exposure vulnerability in some Huawei smart phones. When the user's smart phone connects to the malicious device for charging, an unauthenticated attacker may activate some specific function by sending some specially crafted messages. Due to insufficient input validation of....
4.6CVSS
5AI Score
0.001EPSS
More industry awards for our portfolio
Wallarm is pleased to have been selected as a finalist in the Cyber Security Startup of the Year and Innovative Product of the Year- Cloud Based categories for the 2018 Cyber Security Awards. The Cyber Security Awards were established in 2014, to reward the best individuals, teams and companies...
-0.4AI Score
Metamorfo Campaigns Targeting Brazilian Users
FireEye Labs recently identified several widespread malspam (malware spam) campaigns targeting Brazilian companies with the goal of delivering banking Trojans. We are referring to these campaigns as Metamorfo. Across the stages of these campaigns, we have observed the use of several tactics and...
7.3AI Score
Metamorfo Campaigns Targeting Brazilian Users
FireEye Labs recently identified several widespread malspam (malware spam) campaigns targeting Brazilian companies with the goal of delivering banking Trojans. We are referring to these campaigns as Metamorfo. Across the stages of these campaigns, we have observed the use of several tactics and...
AI Score
urapcenter.org IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-594582 Description| Value ---|--- Affected Website:| urapcenter.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
AI Score
The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow...
7.8CVSS
7.9AI Score
0.001EPSS
Security Advisory - Integer overflow Vulnerability in Bdat Driver of Huawei Smart Phone
The Bdat driver of some Huawei smart phones has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can send a specific parameter to the driver of the smart phone, causing.....
7.8CVSS
7.8AI Score
0.001EPSS
Huawei smartphones with software of MHA-AL00AC00B125 have an integer overflow vulnerability. The software does not process certain variable properly when handle certain process. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could cause...
5.5CVSS
5.3AI Score
0.001EPSS
Huawei smartphones with software of MHA-AL00AC00B125 have an improper resource management vulnerability. The software does not properly manage the resource when do device register operation. An attacker tricks the user who has root privilege to install a crafted application, successful exploit...
5.5CVSS
5.4AI Score
0.001EPSS
scanlanhs.edu XSS vulnerability
Open Bug Bounty ID: OBB-565502 Description| Value ---|--- Affected Website:| scanlanhs.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79 CVSSv3 Score:| 6.1...
6.3AI Score
Some huawei smartphones with software BTV-DL09C233B350, Berlin-L21HNC432B360, Berlin-L22HNC636B360, Berlin-L24HNC567B360, Berlin-L21C10B130, Berlin-L21C185B132, Berlin-L21C464B130, Berlin-L22C346B140, Berlin-L22C636B160, Berlin-L23C605B131, Berlin-L23DOMC109B160, MHA-AL00AC00B125 have a DoS...
5.5CVSS
5.6AI Score
0.001EPSS
Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92B386, NXT-DL00C17B386, NXT-TL00C01B386SP01, NTS-AL00C00B535 have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to the smart phone...
6.5CVSS
6.4AI Score
0.001EPSS
Huawei smartphones with software of TAG-AL00C92B168 have an information disclosure vulnerability. An attacker tricks the user to install a crafted application, this application simulate click action to back up data in a non-encrypted way using an Android assist function. Successful exploit could...
5.5CVSS
5AI Score
0.001EPSS
The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC00B124D, Vicky-AL00AC00B157D, Vicky-AL00AC00B167 has a double free vulnerability. An attacker can trick a user to install a malicious application which has a high privilege to exploit this vulnerability. Successful exploitation.....
5.5CVSS
5.3AI Score
0.001EPSS
Security Advisory - Fingerprint Unlocking Vulnerability on Smartphones
There is a fingerprint unlocking vulnerability on smartphones. If there are crackles on the fingerprint collector cover, the software would consider and learn the crackles as fingerprint feature when user press his finger on the cover to unlock the phone. So after lots of normal fingerprint...
3.7CVSS
4.4AI Score
0.001EPSS
Security Advisory - DoS Vulnerability in Some Huawei Products
There is a DoS vulnerability in some Huawei products. Due to insufficient input validation, an attacker could trick a user to execute a malicious application, which could be exploited by attacker to launch DoS attacks. (Vulnerability ID: HWPSIRT-2017-05107) This vulnerability has been assigned a...
5.5CVSS
5.7AI Score
0.001EPSS
The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of...
8.8CVSS
8.9AI Score
0.009EPSS
The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of...
8.8CVSS
9AI Score
0.009EPSS
The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of...
8.8CVSS
9AI Score
0.009EPSS
Security Advisory - DoS Vulnerability in Some Huawei Smart Phones
Some Huawei smart phones have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to the smart phone within radio range by special wireless device. Successful exploit could make the smart phone restart....
6.5CVSS
6.3AI Score
0.001EPSS
Security Advisory - Integer Overflow Vulnerability on Smartphones
There is an integer overflow vulnerability on smartphones. The software does not process certain variable properly when handle certain process. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could cause information disclosure. (Vulnerability....
5.5CVSS
5.4AI Score
0.001EPSS
Security Advisory - Improper Resource Management Vulnerability on Huawei Smartphones
There is an improper resource management vulnerability on Huawei smartphones. The software does not properly manage the resource when do device register operation. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could cause certain service...
5.5CVSS
5.4AI Score
0.001EPSS
Security Advisory - Information Disclosure Vulnerability on Huawei Smartphones
There is an information disclosure vulnerability on Huawei smartphones. An attacker tricks the user to install a crafted application, this application simulate click action to back up data in a non-encrypted way using an Android assist function. Successful exploit could result in information...
5.5CVSS
4.7AI Score
0.001EPSS
Security Advisory - Double Free Vulnerability in Flp Driver of Some Huawei Smart Phones
The Flp Driver of some Huawei smart phones has a double free vulnerability. An attacker can trick a user to install a malicious application which has a high privilege to exploit this vulnerability. Successful exploitation may cause denial of service (DoS) attack. (Vulnerability ID:...
5.5CVSS
5.4AI Score
0.001EPSS
Kaspersky Security Bulletin: Story of the year 2017
Download the Kaspersky Security Bulletin: Story of the year 2017 Introduction: what we learned in 2017 In 2017, the ransomware threat suddenly and spectacularly evolved. Three unprecedented outbreaks transformed the landscape for ransomware, probably forever. The attacks targeted businesses and...
6.9AI Score
The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of...
9AI Score
0.009EPSS