Total
16 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-0022 | 2 Google, Huawei | 43 Android, Honor 8a, Honor 8a Firmware and 40 more | 2024-02-02 | 8.3 HIGH | 8.8 HIGH |
| In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 | |||||
| CVE-2021-22364 | 1 Huawei | 4 Mate 30, Mate 30 5g, Mate 30 5g Firmware and 1 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| There is a denial of service vulnerability in the versions 10.1.0.126(C00E125R5P3) of HUAWEI Mate 30 and 10.1.0.152(C00E136R7P2) of HUAWEI Mate 30 (5G) . A module does not verify certain parameters sufficiently and it leads to some exceptions. Successful exploit could cause a denial of service condition. | |||||
| CVE-2021-22305 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 2.1 LOW | 3.3 LOW |
| There is a buffer overflow vulnerability in Mate 30 10.1.0.126(C00E125R5P3). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause buffer overflow, compromising normal service. | |||||
| CVE-2020-9119 | 1 Huawei | 10 Mate 10, Mate 10 Firmware, Mate 30 and 7 more | 2023-12-10 | 4.6 MEDIUM | 6.2 MEDIUM |
| There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion. | |||||
| CVE-2020-9129 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| HUAWEI Mate 30 versions earlier than 10.1.0.159(C00E159R7P2) have a vulnerability of improper buffer operation. Due to improper restrictions, local attackers with high privileges can exploit the vulnerability to cause system heap overflow. | |||||
| CVE-2021-22307 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| There is a weak algorithm vulnerability in Mate 3010.0.0.203(C00E201R7P2). The protection is insufficient for the modules that should be protected. Local attackers can exploit this vulnerability to affect the integrity of certain module. | |||||
| CVE-2020-9125 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2). An attacker with specific permission can exploit this vulnerability by sending crafted packet with specific parameter to the target device. Due to insufficient validation of the parameter, successful exploit can cause the device to behave abnormally. | |||||
| CVE-2020-9263 | 1 Huawei | 4 Mate 30, Mate 30 Firmware, P30 and 1 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with common privilege, successful exploit could cause code execution. | |||||
| CVE-2021-22301 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
| Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow. | |||||
| CVE-2021-22306 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 2.1 LOW | 4.6 MEDIUM |
| There is an out-of-bound read vulnerability in Mate 30 10.0.0.182(C00E180R6P2). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service. | |||||
| CVE-2020-9243 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition. | |||||
| CVE-2020-1839 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 3.7 LOW | 6.3 MEDIUM |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. There is a timing window exists in which certain pointer members can be modified by another process that is operating concurrently, an attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution. | |||||
| CVE-2020-9262 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution. | |||||
| CVE-2020-9261 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a type confusion vulnerability. The system does not properly check and transform the type of certain variable, the attacker tricks the user into installing then running a crafted application, successful exploit could cause code execution. | |||||
| CVE-2020-1801 | 1 Huawei | 4 Mate 30, Mate 30 Firmware, Mate 30 Pro and 1 more | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an improper authentication vulnerability in several smartphones. Certain function interface in the system does not sufficiently validate the caller's identity in certain share scenario, successful exploit could cause information disclosure. Affected product versions include:Mate 30 Pro versions Versions earlier than 10.0.0.205(C00E202R7P2);Mate 30 versions Versions earlier than 10.0.0.205(C00E201R7P2). | |||||
| CVE-2020-1835 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
| HUAWEI Mate 30 with versions earlier than 10.1.0.126(C00E125R5P3) have an information disclosure vulnerability. A logic judgment error occurs when the system handling Bluetooth connections, an attacker could craft as an authenticated Bluetooth peer to launch the attack. Successful exploit could cause information disclosure. | |||||