Filtered by vendor Huawei
Subscribe
Total
1915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9258 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 1.9 LOW | 5.5 MEDIUM |
| HUAWEI P30 smartphone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper input verification vulnerability. An attribution in a module is not set correctly and some verification is lacked. Attackers with local access can exploit this vulnerability by injecting malicious fragment. This may lead to user information leak. | |||||
| CVE-2020-9257 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution. | |||||
| CVE-2020-9256 | 1 Huawei | 2 Mate 30 Pro, Mate 30 Pro Firmware | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service. | |||||
| CVE-2020-9255 | 1 Huawei | 2 Honor 10, Honor 10 Firmware | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Huawei Honor 10 smartphones with versions earlier than 10.0.0.178(C00E178R1P4) have a denial of service vulnerability. Certain service in the system does not sufficiently validate certain parameter which is received, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of service condition. | |||||
| CVE-2020-9254 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution. | |||||
| CVE-2020-9252 | 1 Huawei | 8 Magic2, Magic2 Firmware, Mate 20 and 5 more | 2024-11-21 | 2.1 LOW | 2.3 LOW |
| HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C00E160R2P11) have a path traversal vulnerability. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path. | |||||
| CVE-2020-9251 | 1 Huawei | 2 Mate 20, P30 Firmware | 2024-11-21 | 2.1 LOW | 2.4 LOW |
| HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have an improper authorization vulnerability. The software does not properly restrict certain operation in certain scenario, the attacker should do certain configuration before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function. Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8). | |||||
| CVE-2020-9249 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| HUAWEI P30 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have a denial of service vulnerability. A module does not deal with mal-crafted messages and it leads to memory leak. Attackers can exploit this vulnerability to make the device denial of service.Affected product versions include: HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11). | |||||
| CVE-2020-9248 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can compromise normal service. | |||||
| CVE-2020-9247 | 1 Huawei | 26 Hima-l29c, Hima-l29c Firmware, Honor 20 Pro and 23 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B. | |||||
| CVE-2020-9246 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access control and information protection. Attackers with low privilege can get some extra information. This can lead to information leak. | |||||
| CVE-2020-9245 | 1 Huawei | 4 P30, P30 Firmware, P30 Pro and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function. | |||||
| CVE-2020-9244 | 1 Huawei | 20 Honor 20, Honor 20 Firmware, Honor 20 Pro and 17 more | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged | |||||
| CVE-2020-9243 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition. | |||||
| CVE-2020-9242 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack. | |||||
| CVE-2020-9241 | 1 Huawei | 2 E6878-370, E6878-370 Firmware | 2024-11-21 | 6.8 MEDIUM | 7.0 HIGH |
| Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device. | |||||
| CVE-2020-9240 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device. | |||||
| CVE-2020-9239 | 1 Huawei | 26 Berkeley-l09, Berkeley-l09 Firmware, Bla-a09 and 23 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0.0.163(C432),Versions earlier than 8.0.0.163(C636),Versions earlier than 8.0.0.172(C10);Duke-L09 versions Duke-L09C10B187, versions Duke-L09C432B189, versions Duke-L09C636B189;HUAWEI P20 versions earlier than 8.0.1.16(C00);HUAWEI P20 Pro versions earlier than 8.1.0.152(C00);Jimmy-AL00A versions earlier than Jimmy-AL00AC00B172;LON-L29D versions LON-L29DC721B192;NEO-AL00D versions earlier than 8.1.0.172(C786);Stanford-AL00 versions Stanford-AL00C00B123;Toronto-AL00 versions earlier than Toronto-AL00AC00B225;Toronto-AL00A versions earlier than Toronto-AL00AC00B225;Toronto-TL10 versions earlier than Toronto-TL10C01B225 have an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerab | |||||
| CVE-2020-9238 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device. | |||||
| CVE-2020-9237 | 1 Huawei | 2 Taurus-al00b, Taurus-al00b Firmware | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126(C00E125R5P3) have a user after free vulnerability. A module is lack of lock protection. Attackers can exploit this vulnerability by launching specific request. This could compromise normal service of the affected device. | |||||