Lucene search

K

11 matches found

CVE
CVE
added 2020/02/13 3:15 p.m.146 views

CVE-2020-0022

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidV...

8.8CVSS8.7AI score0.13415EPSS
CVE
CVE
added 2020/04/10 3:15 p.m.104 views

CVE-2020-1801

There is an improper authentication vulnerability in several smartphones. Certain function interface in the system does not sufficiently validate the caller's identity in certain share scenario, successful exploit could cause information disclosure. Affected product versions include:Mate 30 Pro ver...

5.5CVSS5.4AI score0.00105EPSS
CVE
CVE
added 2020/12/24 4:15 p.m.57 views

CVE-2020-9119

There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion.

6.2CVSS6.6AI score0.0003EPSS
CVE
CVE
added 2020/07/06 7:15 p.m.48 views

CVE-2020-9261

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a type confusion vulnerability. The system does not properly check and transform the type of certain variable, the attacker tricks the user into installing then running a crafted application, successful exploit could cause code ...

7.8CVSS7.7AI score0.00196EPSS
CVE
CVE
added 2020/10/19 8:15 p.m.48 views

CVE-2020-9263

HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running ...

7.8CVSS7.8AI score0.00318EPSS
CVE
CVE
added 2020/08/10 8:15 p.m.42 views

CVE-2020-9243

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service c...

5.5CVSS5.6AI score0.00077EPSS
CVE
CVE
added 2020/07/06 7:15 p.m.35 views

CVE-2020-9262

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with high privilege, successful ex...

7.8CVSS7.7AI score0.00318EPSS
CVE
CVE
added 2020/06/18 2:15 p.m.31 views

CVE-2020-1835

HUAWEI Mate 30 with versions earlier than 10.1.0.126(C00E125R5P3) have an information disclosure vulnerability. A logic judgment error occurs when the system handling Bluetooth connections, an attacker could craft as an authenticated Bluetooth peer to launch the attack. Successful exploit could cau...

6.5CVSS6AI score0.00044EPSS
CVE
CVE
added 2020/11/13 3:15 p.m.31 views

CVE-2020-9129

HUAWEI Mate 30 versions earlier than 10.1.0.159(C00E159R7P2) have a vulnerability of improper buffer operation. Due to improper restrictions, local attackers with high privileges can exploit the vulnerability to cause system heap overflow.

6.7CVSS6.4AI score0.00033EPSS
CVE
CVE
added 2020/07/06 7:15 p.m.30 views

CVE-2020-1839

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. There is a timing window exists in which certain pointer members can be modified by another process that is operating concurrently, an attacker should trick the user into running a crafted applica...

6.3CVSS6.4AI score0.00021EPSS
CVE
CVE
added 2020/12/29 6:15 p.m.29 views

CVE-2020-9125

There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2). An attacker with specific permission can exploit this vulnerability by sending crafted packet with specific parameter to the target device. Due to insufficient validation of the ...

6.7CVSS6.3AI score0.00011EPSS