cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-9089,https://securityvulnerability.io/vulnerability/CVE-2020-9089,Information Exposure Vulnerability in Huawei Smartphones,"An information exposure vulnerability exists in certain Huawei smartphones where a specific function within a module can be invoked without proper access verification. This weakness allows attackers who already possess user access to potentially exploit the flaw and access sensitive information. The absence of strict access controls may lead to unintentional information disclosure, posing risks to user privacy and security. It is crucial for users of affected devices to remain vigilant and apply security updates provided by Huawei to mitigate this vulnerability.",Huawei,Huawei P30 Pro,3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-27T09:44:20.785Z,0
CVE-2020-9081,https://securityvulnerability.io/vulnerability/CVE-2020-9081,Improper Authorization in Huawei Smartphones,"An improper authorization vulnerability exists in certain models of Huawei smartphones. This security flaw allows an attacker to execute a series of operations under specific conditions, potentially leading to the ability to bypass app locks. By exploiting this vulnerability, unauthorized access to locked applications could be achieved, compromising user privacy and data security.",Huawei,"Huawei Mate 20,Huawei P30,Huawei P30 Pro,Princeton-al10d,Yale-al00a,Yale-al50a,Yalep-al10b",6.8,MEDIUM,0.0005300000193528831,false,,false,false,false,,false,false,false,,2024-12-27T09:34:40.332Z,0
CVE-2021-22399,https://securityvulnerability.io/vulnerability/CVE-2021-22399,,"The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Affected product versions include: HUAWEI P30 10.0.0.195(C432E22R2P5), 10.0.0.200(C00E85R2P11), 10.0.0.200(C461E6R3P1), 10.0.0.201(C10E7R5P1), 10.0.0.201(C185E4R7P1), 10.0.0.206(C605E19R1P3), 10.0.0.209(C636E6R3P4), 10.0.0.210(C635E3R2P4), and versions earlier than 10.1.0.165(C01E165R2P11).",Huawei,Huawei P30,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-07-13T11:37:25.000Z,0
CVE-2021-22331,https://securityvulnerability.io/vulnerability/CVE-2021-22331,,"There is a JavaScript injection vulnerability in certain Huawei smartphones. A module does not verify some inputs sufficiently. Attackers can exploit this vulnerability by sending a malicious application request to launch JavaScript injection. This may compromise normal service. Affected product versions include HUAWEI P30 versions earlier than 10.1.0.165(C01E165R2P11), 11.0.0.118(C635E2R1P3), 11.0.0.120(C00E120R2P5), 11.0.0.138(C10E4R5P3), 11.0.0.138(C185E4R7P3), 11.0.0.138(C432E8R2P3), 11.0.0.138(C461E4R3P3), 11.0.0.138(C605E4R1P3), and 11.0.0.138(C636E4R3P3).",Huawei,Huawei P30,7.5,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2021-04-28T12:19:09.000Z,0
CVE-2021-22330,https://securityvulnerability.io/vulnerability/CVE-2021-22330,,"There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal.",Huawei,Huawei P30,6.5,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2021-04-28T11:49:31.000Z,0
CVE-2021-22327,https://securityvulnerability.io/vulnerability/CVE-2021-22327,,"There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186(C10E7R5P1), 10.0.0.186(C461E4R3P1), 10.0.0.188(C00E85R2P11), 10.0.0.188(C01E88R2P11),10.0.0.188(C605E19R1P3), 10.0.0.190(C185E4R7P1), 10.0.0.190(C431E22R2P5), 10.0.0.190(C432E22R2P5),10.0.0.190(C605E19R1P3), 10.0.0.190(C636E4R3P4), 10.0.0.192(C635E3R2P4).",Huawei,Huawei P30,6.5,MEDIUM,0.0009299999801442027,false,,false,false,false,,,false,false,,2021-04-28T11:19:52.000Z,0
CVE-2020-9203,https://securityvulnerability.io/vulnerability/CVE-2020-9203,,"There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience.",Huawei,Huawei P30,3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-01-13T22:01:34.000Z,0
CVE-2020-9247,https://securityvulnerability.io/vulnerability/CVE-2020-9247,,"There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.",Huawei,"Honor 20 Pro,Huawei Mate 20,Huawei Mate 20 Pro,Huawei Mate 20 X,Huawei P30,Huawei P30 Pro,Hima-l29c,Laya-al00ep,Princeton-al10b,Tony-al00b,Yale-l61a,Yale-tl00b,Yalep-al10b",7.8,HIGH,0.0010900000343099236,false,,false,false,false,,,false,false,,2020-12-07T12:49:00.000Z,0
CVE-2020-9263,https://securityvulnerability.io/vulnerability/CVE-2020-9263,,"HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with common privilege, successful exploit could cause code execution.",Huawei,Huawei Mate 30;huawei P30,7.8,HIGH,0.0008500000112690032,false,,false,false,false,,,false,false,,2020-10-19T19:57:15.000Z,0
CVE-2020-9106,https://securityvulnerability.io/vulnerability/CVE-2020-9106,,"HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure.",Huawei,Huawei P30 Pro,4.6,MEDIUM,0.0009599999757483602,false,,false,false,false,,,false,false,,2020-10-12T13:43:54.000Z,0
CVE-2020-9123,https://securityvulnerability.io/vulnerability/CVE-2020-9123,,HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.,Huawei,Huawei P30 Pro,7.8,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-10-12T13:41:48.000Z,0
CVE-2020-9109,https://securityvulnerability.io/vulnerability/CVE-2020-9109,,"There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful exploit could cause information disclosure.Affected product versions include:HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI Mate 20 X versions earlier than 10.1.0.160(C00E160R2P8),versions earlier than 10.1.0.160(C01E160R2P8);HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8);Laya-AL00EP versions earlier than 10.1.0.160(C786E160R3P8);Tony-AL00B versions earlier than 10.1.0.160(C00E160R2P11);Tony-TL00B versions earlier than 10.1.0.160(C01E160R2P11).",Huawei,Huawei Mate 20;huawei Mate 20 X;huawei P30 Pro;laya-al00ep;tony-al00b;tony-tl00b,4.6,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2020-10-12T13:39:33.000Z,0
CVE-2020-9107,https://securityvulnerability.io/vulnerability/CVE-2020-9107,,"HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.",Huawei,Huawei P30 Pro,5.5,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2020-10-12T13:33:25.000Z,0
CVE-2020-9108,https://securityvulnerability.io/vulnerability/CVE-2020-9108,,"HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot.",Huawei,Huawei P30 Pro,5.5,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2020-10-12T13:27:20.000Z,0
CVE-2020-9095,https://securityvulnerability.io/vulnerability/CVE-2020-9095,,HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service.,Huawei,Huawei P30 Pro,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-08-21T13:26:27.000Z,0
CVE-2020-9096,https://securityvulnerability.io/vulnerability/CVE-2020-9096,,HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service.,Huawei,Huawei P30 Pro,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-08-21T13:20:40.000Z,0
CVE-2020-9104,https://securityvulnerability.io/vulnerability/CVE-2020-9104,,"HUAWEI P30 smartphones with Versions earlier than 10.1.0.123(C431E22R2P5),Versions earlier than 10.1.0.123(C432E22R2P5),Versions earlier than 10.1.0.126(C10E7R5P1),Versions earlier than 10.1.0.126(C185E4R7P1),Versions earlier than 10.1.0.126(C461E7R3P1),Versions earlier than 10.1.0.126(C605E19R1P3),Versions earlier than 10.1.0.126(C636E7R3P4),Versions earlier than 10.1.0.128(C635E3R2P4),Versions earlier than 10.1.0.160(C00E160R2P11),Versions earlier than 10.1.0.160(C01E160R2P11) have a denial of service vulnerability. In specific scenario, due to the improper resource management and memory leak of some feature, the attacker could exploit this vulnerability to cause the device reset.",Huawei,Huawei P30,4.3,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2020-08-21T13:16:29.000Z,0
CVE-2020-9244,https://securityvulnerability.io/vulnerability/CVE-2020-9244,,"HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged",Huawei,Huawei Mate 20;huawei Mate 20 Pro;huawei Mate 20 X;huawei P30;huawei P30 Pro;huawei Mate 20 Rs;honormagic2;honor20;honor20 Pro;honormagic2;honorv20,6.8,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2020-08-11T18:46:13.000Z,0
CVE-2020-9245,https://securityvulnerability.io/vulnerability/CVE-2020-9245,,"HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function.",Huawei,"Huawei P30, Huawei P30 Pro",5.5,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2020-08-10T19:28:04.000Z,0
CVE-2020-9249,https://securityvulnerability.io/vulnerability/CVE-2020-9249,,HUAWEI P30 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have a denial of service vulnerability. A module does not deal with mal-crafted messages and it leads to memory leak. Attackers can exploit this vulnerability to make the device denial of service.Affected product versions include: HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11).,Huawei,Huawei P30,6.5,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2020-07-31T12:22:15.000Z,0
CVE-2020-9077,https://securityvulnerability.io/vulnerability/CVE-2020-9077,,HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R2P11) have an information exposure vulnerability. The system does not properly authenticate the application that access a specified interface. Attackers can trick users into installing malicious software to exploit this vulnerability and obtain some information about the device. Successful exploit may cause information disclosure.,Huawei,Huawei P30,3.3,LOW,0.000539999979082495,false,,false,false,false,,,false,false,,2020-07-27T12:07:33.000Z,0
CVE-2020-9257,https://securityvulnerability.io/vulnerability/CVE-2020-9257,,"HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.",Huawei,Huawei P30 Pro,8.8,HIGH,0.002859999891370535,false,,false,false,false,,,false,false,,2020-07-17T23:15:00.000Z,0
CVE-2020-9254,https://securityvulnerability.io/vulnerability/CVE-2020-9254,,"HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution.",Huawei,Huawei P30 Pro,7.8,HIGH,0.0006799999973736703,false,,false,false,false,,,false,false,,2020-07-17T23:15:00.000Z,0
CVE-2020-9258,https://securityvulnerability.io/vulnerability/CVE-2020-9258,,HUAWEI P30 smartphone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper input verification vulnerability. An attribution in a module is not set correctly and some verification is lacked. Attackers with local access can exploit this vulnerability by injecting malicious fragment. This may lead to user information leak.,Huawei,Huawei P30,5.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2020-07-10T13:11:21.000Z,0
CVE-2020-9260,https://securityvulnerability.io/vulnerability/CVE-2020-9260,,"HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure.",Huawei,Huawei P30;huawei P30 Pro,6.5,MEDIUM,0.000699999975040555,false,,false,false,false,,,false,false,,2020-07-10T13:08:18.000Z,0