Vendor CVEs
Huawei
All CVEs
2,254 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8205 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the… | ||
| CVE-2017-8204 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the… | ||
| CVE-2017-8203 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. An attacker can convince a user to install a malicious application which has a high… | ||
| CVE-2017-8192 | Hig | 0.51 | 7.8 | 0.00 | Nov 22, 2017 | FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation. | ||
| CVE-2017-8185 | Hig | 0.51 | 7.8 | 0.00 | Nov 22, 2017 | ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability. An attacker could exploit this vulnerability to modify the configuration information containing malicious files and trick users into executing the files, resulting in the… | ||
| CVE-2017-8181 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has… | ||
| CVE-2017-8180 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special… | ||
| CVE-2017-8179 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special… | ||
| CVE-2017-8170 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to… | ||
| CVE-2017-8169 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to… | ||
| CVE-2017-8160 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The Madapt Driver of some Huawei smart phones with software Earlier than Vicky-AL00AC00B172 versions,Vicky-AL00CC768B122,Vicky-TL00AC01B167,Earlier than Victoria-AL00AC00B172 versions,Victoria-TL00AC00B123,Victoria-TL00AC01B167 has a use after free (UAF) vulnerability. An… | ||
| CVE-2017-8159 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type… | ||
| CVE-2017-8150 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter… | ||
| CVE-2017-8142 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The Trusted Execution Environment (TEE) module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free (UAF) vulnerability. An attacker tricks a user into installing a… | ||
| CVE-2017-8141 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. An attacker with the root privilege of the Android system tricks a user into installing a malicious application, and the application… | ||
| CVE-2017-8140 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to free specific… | ||
| CVE-2017-8137 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking. | ||
| CVE-2017-2729 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a… | ||
| CVE-2017-2725 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The… | ||
| CVE-2017-2716 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 has buffer overflow vulnerability. An attacker tricks a user into installing a malicious application which has the system privilege of the Android system and sends a specific parameter to the driver of the… | ||
| CVE-2017-2715 | Hig | 0.51 | 7.8 | 0.00 | Nov 22, 2017 | The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe… | ||
| CVE-2017-2699 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs containing malicious files and… | ||
| CVE-2017-2698 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to… | ||
| CVE-2017-2697 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier… | ||
| CVE-2017-2696 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has a buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and… | ||
| CVE-2017-2693 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and… | ||
| CVE-2017-2692 | Hig | 0.51 | 7.8 | 0.01 | Nov 22, 2017 | The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier… | ||
| CVE-2015-8089 | Hig | 0.51 | 7.8 | 0.00 | May 23, 2017 | The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain… | ||
| CVE-2016-8768 | Hig | 0.51 | 7.8 | 0.01 | Apr 2, 2017 | Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions earlier than 6.9.16 could allow attackers to disable the PXN defense mechanism by invoking related drive code to crash the system or escalate privilege. | ||
| CVE-2016-8763 | Hig | 0.51 | 7.8 | 0.01 | Apr 2, 2017 | The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows… | ||
| CVE-2016-8761 | Hig | 0.51 | 7.8 | 0.01 | Apr 2, 2017 | Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | ||
| CVE-2016-8760 | Hig | 0.51 | 7.8 | 0.01 | Apr 2, 2017 | Touchscreen driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a heap overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | ||
| CVE-2016-8759 | Hig | 0.51 | 7.8 | 0.01 | Apr 2, 2017 | Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | ||
| CVE-2016-8274 | Hig | 0.51 | 7.8 | 0.00 | Apr 2, 2017 | Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code. | ||
| CVE-2016-8273 | Hig | 0.51 | 7.8 | 0.00 | Apr 2, 2017 | Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and… | ||
| CVE-2016-6193 | Hig | 0.51 | 7.8 | 0.01 | Aug 2, 2016 | Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192. | ||
| CVE-2016-5821 | Hig | 0.51 | 7.8 | 0.00 | Jul 13, 2016 | Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.301 (China) use a weak ACL (FILE_WRITE_DATA for BUILTIN\Users) for the HiSuite service directory, which allows local users to gain SYSTEM privileges via a Trojan horse (1) SspiCli.dll or (2) USERENV.dll file or… | ||
| CVE-2016-5231 | Hig | 0.51 | 7.8 | 0.01 | Jun 30, 2016 | Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete user data via a crafted app. | ||
| CVE-2016-5723 | Hig | 0.51 | 7.8 | 0.00 | Jun 24, 2016 | Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors. | ||
| CVE-2016-3681 | Hig | 0.51 | 7.8 | 0.01 | May 26, 2016 | Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted… | ||
| CVE-2016-3680 | Hig | 0.51 | 7.8 | 0.01 | May 26, 2016 | Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted… | ||
| CVE-2016-2855 | Hig | 0.51 | 7.8 | 0.00 | May 23, 2016 | The Huawei Mobile Broadband HL Service 22.001.25.00.03 and earlier uses a weak ACL for the MobileBrServ program data directory, which allows local users to gain SYSTEM privileges by modifying VERSION.dll. | ||
| CVE-2016-2780 | Hig | 0.51 | 7.8 | 0.00 | Apr 13, 2016 | Untrusted search path vulnerability in Huawei UTPS before UTPS-V200R003B015D15SP00C983 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in an unspecified directory. | ||
| CVE-2016-1495 | Hig | 0.51 | 7.8 | 0.01 | Apr 13, 2016 | Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a… | ||
| CVE-2015-8304 | Hig | 0.51 | 7.8 | 0.01 | Apr 13, 2016 | Integer overflow in Huawei P7 phones with software before P7-L07 V100R001C01B606 allows remote attackers to gain privileges via a crafted application with the system or camera permission. | ||
| CVE-2015-8681 | Hig | 0.51 | 7.8 | 0.01 | Apr 7, 2016 | The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before… | ||
| CVE-2015-8680 | Hig | 0.51 | 7.8 | 0.01 | Apr 7, 2016 | The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00… | ||
| CVE-2015-8319 | Hig | 0.51 | 7.8 | 0.01 | Apr 7, 2016 | Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones… | ||
| CVE-2015-8318 | Hig | 0.51 | 7.8 | 0.01 | Apr 7, 2016 | Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones… | ||
| CVE-2015-8307 | Hig | 0.51 | 7.8 | 0.01 | Apr 7, 2016 | The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00… |
- risk 0.51cvss 7.8epss 0.01
The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the…
- risk 0.51cvss 7.8epss 0.01
The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the…
- risk 0.51cvss 7.8epss 0.01
The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. An attacker can convince a user to install a malicious application which has a high…
- risk 0.51cvss 7.8epss 0.00
FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation.
- risk 0.51cvss 7.8epss 0.00
ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability. An attacker could exploit this vulnerability to modify the configuration information containing malicious files and trick users into executing the files, resulting in the…
- risk 0.51cvss 7.8epss 0.01
The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has…
- risk 0.51cvss 7.8epss 0.01
The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special…
- risk 0.51cvss 7.8epss 0.01
The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special…
- risk 0.51cvss 7.8epss 0.01
Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to…
- risk 0.51cvss 7.8epss 0.01
Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to…
- risk 0.51cvss 7.8epss 0.01
The Madapt Driver of some Huawei smart phones with software Earlier than Vicky-AL00AC00B172 versions,Vicky-AL00CC768B122,Vicky-TL00AC01B167,Earlier than Victoria-AL00AC00B172 versions,Victoria-TL00AC00B123,Victoria-TL00AC01B167 has a use after free (UAF) vulnerability. An…
- risk 0.51cvss 7.8epss 0.01
Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program initializes a variable using one type, but it later accesses that variable using a type that is different with the original type…
- risk 0.51cvss 7.8epss 0.01
The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an arbitrary memory write vulnerability due to the lack of parameter…
- risk 0.51cvss 7.8epss 0.01
The Trusted Execution Environment (TEE) module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free (UAF) vulnerability. An attacker tricks a user into installing a…
- risk 0.51cvss 7.8epss 0.01
The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. An attacker with the root privilege of the Android system tricks a user into installing a malicious application, and the application…
- risk 0.51cvss 7.8epss 0.01
The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to free specific…
- risk 0.51cvss 7.8epss 0.01
HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking.
- risk 0.51cvss 7.8epss 0.01
The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a…
- risk 0.51cvss 7.8epss 0.01
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The…
- risk 0.51cvss 7.8epss 0.01
The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 has buffer overflow vulnerability. An attacker tricks a user into installing a malicious application which has the system privilege of the Android system and sends a specific parameter to the driver of the…
- risk 0.51cvss 7.8epss 0.00
The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe…
- risk 0.51cvss 7.8epss 0.01
The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs containing malicious files and…
- risk 0.51cvss 7.8epss 0.01
The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to…
- risk 0.51cvss 7.8epss 0.01
The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and earlier versions,CAM-L21C10B130 and earlier versions,CAM-L21C185B141 and earlier…
- risk 0.51cvss 7.8epss 0.01
The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has a buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and…
- risk 0.51cvss 7.8epss 0.01
ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier versions,ALE-L23C605B190 and…
- risk 0.51cvss 7.8epss 0.01
The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150 and earlier versions,ALE-L21C636B200 and earlier…
- risk 0.51cvss 7.8epss 0.00
The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain…
- risk 0.51cvss 7.8epss 0.01
Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions earlier than 6.9.16 could allow attackers to disable the PXN defense mechanism by invoking related drive code to crash the system or escalate privilege.
- risk 0.51cvss 7.8epss 0.01
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows…
- risk 0.51cvss 7.8epss 0.01
Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege.
- risk 0.51cvss 7.8epss 0.01
Touchscreen driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a heap overflow vulnerability, which allows attackers to crash the system or escalate user privilege.
- risk 0.51cvss 7.8epss 0.01
Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege.
- risk 0.51cvss 7.8epss 0.00
Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code.
- risk 0.51cvss 7.8epss 0.00
Huawei PC client software HiSuite 4.0.5.300_OVE uses insecure HTTP for upgrade software package download and does not check the integrity of the software package before installing; an attacker can launch an MITM attack to interrupt or replace the downloaded software package and…
- risk 0.51cvss 7.8epss 0.01
Buffer overflow in the Wi-Fi driver in Huawei P8 smartphones with software before GRA-CL00C92B363 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2016-6192.
- risk 0.51cvss 7.8epss 0.00
Huawei HiSuite before 4.0.4.204_ove (Out of China) and before 4.0.4.301 (China) use a weak ACL (FILE_WRITE_DATA for BUILTIN\Users) for the HiSuite service directory, which allows local users to gain SYSTEM privileges via a Trojan horse (1) SspiCli.dll or (2) USERENV.dll file or…
- risk 0.51cvss 7.8epss 0.01
Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete user data via a crafted app.
- risk 0.51cvss 7.8epss 0.00
Huawei FusionInsight HD before V100R002C60SPC200 allows local users to gain root privileges via unspecified vectors.
- risk 0.51cvss 7.8epss 0.01
Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted…
- risk 0.51cvss 7.8epss 0.01
Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted…
- risk 0.51cvss 7.8epss 0.00
The Huawei Mobile Broadband HL Service 22.001.25.00.03 and earlier uses a weak ACL for the MobileBrServ program data directory, which allows local users to gain SYSTEM privileges by modifying VERSION.dll.
- risk 0.51cvss 7.8epss 0.00
Untrusted search path vulnerability in Huawei UTPS before UTPS-V200R003B015D15SP00C983 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in an unspecified directory.
- risk 0.51cvss 7.8epss 0.01
Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a…
- risk 0.51cvss 7.8epss 0.01
Integer overflow in Huawei P7 phones with software before P7-L07 V100R001C01B606 allows remote attackers to gain privileges via a crafted application with the system or camera permission.
- risk 0.51cvss 7.8epss 0.01
The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before…
- risk 0.51cvss 7.8epss 0.01
The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00…
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones…
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones…
- risk 0.51cvss 7.8epss 0.01
The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00…
Page 3 of 46