Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-9237 | 1 Huawei | 2 Taurus-al00b, Taurus-al00b Firmware | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126(C00E125R5P3) have a user after free vulnerability. A module is lack of lock protection. Attackers can exploit this vulnerability by launching specific request. This could compromise normal service of the affected device. | |||||
CVE-2020-9070 | 1 Huawei | 2 Taurus-al00b, Taurus-al00b Firmware | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper authentication vulnerability. The software insufficiently validate the user's identity when a user wants to do certain operation. An attacker can trick user into installing a malicious application to exploit this vulnerability. Successful exploit may cause some information disclosure. | |||||
CVE-2020-9065 | 1 Huawei | 2 Taurus-al00b, Taurus-al00b Firmware | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203(C00E201R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may tamper with the information to affect the availability. | |||||
CVE-2019-5233 | 1 Huawei | 2 Taurus-al00b, Taurus-al00b Firmware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. Successful exploitation may cause the attacker to access specific components. |