WordPress Smart phone field for Gravity Forms plugin <= 2.1.6 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Smart phone field for Gravity Forms versions = 2.1.6...

EUVD-2018-19652

Malware in sbrugna...

EUVD-2019-14893

Malware in sbrugna...

CVE-2020-9065

Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203C00E201R7P2 have a use-after-free UAF vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the...

Input validation

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186C10E7R5P1,...

CVE-2021-22327

This CVE (CVE-2021-22327) is associated with Huawei P30 smartphones. The issue is an arbitrary memory write vulnerability that occurs when processing file parsing due to insufficient validation of input files, potentially causing a service abnormality. Affected Huawei P30 variants include multipl...

Security Advisory - Arbitrary Memory Write Vulnerability in Huawei Smart Phone

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Vulnerability ID: HWPSIRT-2020-04031 This vulnerability has been assigned a Common...

Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

The leader of Mexicos Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexicos top tourist destinations over the past five years. The scandal is the latest fallo...

Security Advisory - Use-after-free Vulnerability in Some Huawei Smart Phone

There is a use-after-free UAF vulnerability in some Huawei smart phone. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and make information leak. Vulnerability ID:...

Security Advisory - Out-of-Bounds Read Vulnerability in Some Huawei Smart Phone

There is an out-of-bounds read vulnerability in XFRM module of some Huawei smart phone. An authenticated, local attacker may perform a specific operation to exploit this vulnerability. Due to insufficient validation of the parameters, which may be exploited to cause information leak. Vulnerabilit...

Security Advisory - Insufficient Authentication Vulnerabilities in Some Huawei Smart Phone Product

There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. Vulnerability ID: HWPSIRT-2019-12302 Th...

Security Advisory - Stack Overflow Vulnerability in Huawei Smart Phone Product

There is a stack overflow vulnerability in some Huawei smart phone. An attacker can craft specific packet to exploit this vulnerability. Due to insufficient verification, this could be exploited to tamper with the information to affect the availability. Vulnerability ID: HWPSIRT-2019-11030 This...

Security Advisory - Use-after-free Vulnerability in Some Huawei Smart Phone

There is a use-after-free UAF vulnerability in some Huawei smart phone. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the availability. Vulnerability ID: HWPSIRT-2019-12405 This...

Integer overflow

P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193C00E190R2P1 have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters ...

CVE-2019-5287

CVE-2019-5287 affects Huawei P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193 (C00E190R2P1). The issue is an integer overflow caused by insufficient parameter validation in the camera program, potentially allowing an attacker who tricks the user into installing a malicious app with...

CVE-2017-17224

Some Huawei smart phones with versions earlier than Harry-AL00C 9.1.0.206C00E205R3P1 have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal...

CVE-2018-7961

There is a smart SMS verification code vulnerability in some Huawei smart phones. An attacker should trick a user to access malicious Website or malicious App and register. Due to incorrect processing of the smart SMS verification code, successful exploitation can cause sensitive information leak...

CVE-2018-7944

Huawei smart phones Emily-AL00A with software 8.1.0.106SP2C00 and 8.1.0.107SP5C00 have a Factory Reset Protection FRP bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP...

Security Advisory - Information Leakage Vulnerability on Huawei Smart Phone

There is an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location additionally. Vulnerability ID: HWPSIRT-2018-03117 This vulnerability has been assigned a...

Memory corruption

Due to insufficient parameters verification GPU driver of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.356C00 has an arbitrary memory free vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter t...