Vulnerabilities (CVE)

Filtered by vendor Huawei Subscribe
Filtered by product Mate 10
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9119 1 Huawei 10 Mate 10, Mate 10 Firmware, Mate 30 and 7 more 2024-02-28 4.6 MEDIUM 6.2 MEDIUM
There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion.
CVE-2020-1809 1 Huawei 2 Mate 10, Mate 10 Firmware 2024-02-28 2.1 LOW 4.6 MEDIUM
HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability. The attacker could wake up voice assistant then do a series of crafted voice operation, successful exploit could allow the attacker read certain files without unlock the phone leading to information disclosure.
CVE-2019-5264 1 Huawei 20 Changxiang 7s, Changxiang 7s Firmware, Changxiang 8 Plus and 17 more 2024-02-28 2.1 LOW 4.6 MEDIUM
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure.
CVE-2019-5305 1 Huawei 2 Mate 10, Mate 10 Firmware 2024-02-28 7.1 HIGH 5.5 MEDIUM
The image processing module of some Huawei Mate 10 smartphones versions before ALP-L29 9.0.0.159(C185) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which could trigger double free and cause a system crash.
CVE-2019-5219 1 Huawei 2 Mate 10, Mate 10 Firmware 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
There is a double free vulnerability on certain drivers of Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.181(C00E87R2P20T8). An attacker tricks the user into installing a malicious application, which makes multiple processes operate the same resource at the same time. Successful exploit could cause a denial of service condition.
CVE-2019-5214 1 Huawei 2 Mate 10, Mate 10 Firmware 2024-02-28 7.1 HIGH 5.5 MEDIUM
There is a use after free vulnerability on certain driver component in Huawei Mate10 smartphones versions earlier than ALP-AL00B 9.0.0.167(C00E85R2P20T8). An attacker tricks the user into installing a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause a denial of service condition.
CVE-2018-7993 1 Huawei 2 Mate 10, Mate 10 Firmware 2024-02-28 9.3 HIGH 7.8 HIGH
HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause execution of arbitrary code.
CVE-2017-17227 1 Huawei 2 Mate 10, Mate 10 Firmware 2024-02-28 9.3 HIGH 7.8 HIGH
GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result in phone crash or arbitrary code execution.
CVE-2017-15311 1 Huawei 8 Mate 10, Mate 10 Firmware, Mate 10 Pro and 5 more 2024-02-28 5.8 MEDIUM 8.8 HIGH
The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of parameter validation. An attacker could send malicious packets to the smart phones within radio range by special wireless device, which leads stack overflow when the baseband module handles these packets. The attacker could exploit this vulnerability to perform a denial of service attack or remote code execution in baseband module.