Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
HuaweiVmall*

3 matches found

cve
cveadded 2017/11/22 7:29 p.m.39 views

CVE-2017-2694

The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly, compromising user experience.

4.3CVSS4AI score0.0007EPSS
cve
cveadded 2017/11/22 7:29 p.m.38 views

CVE-2017-2739

The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. A man in the middle (MITM) can tamper with the upgrade package of Huawei Vmall APP, and to implant the malicious applications.

3.1CVSS4.2AI score0.00021EPSS
cve
cveadded 2017/11/22 7:29 p.m.33 views

CVE-2017-8153

Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. An attacker can trick users into installing a malicious app which can send out HTTP requests and execute JavaScript code in web pages without obtaining the Internet access pe...

7.1CVSS6.9AI score0.00085EPSS