cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2017-17176,https://securityvulnerability.io/vulnerability/CVE-2017-17176,,"The hardware security module of Mate 9 and Mate 9 Pro Huawei smart phones with the versions earlier before MHA-AL00BC00B156, versions earlier before MHA-CL00BC00B156, versions earlier before MHA-DL00BC00B156, versions earlier before MHA-TL00BC00B156, versions earlier before LON-AL00BC00B156, versions earlier before LON-CL00BC00B156, versions earlier before LON-DL00BC00B156, versions earlier before LON-TL00BC00B156 has a arbitrary memory read/write vulnerability due to the input parameters validation. An attacker with the root privilege of the Android system could exploit this vulnerability to read and write memory data anywhere or execute arbitrary code in the TrustZone.",McAfee,"Mate 9, Mate 9 Pro",6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2018-10-17T15:00:00.000Z,0
CVE-2018-7992,https://securityvulnerability.io/vulnerability/CVE-2018-7992,,"Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 Pro versions earlier than 8.0.0.356(C00); P10 Plus versions earlier than 8.0.0.357(C00) has a buffer overflow vulnerability. The driver does not sufficiently validate the input, an attacker could trick the user to install a malicious application which would send crafted parameters to the driver. Successful exploit could cause a denial of service condition.",McAfee,Mediapad M3; Mate 9 Pro; P10 Plus,5.5,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2018-07-31T14:00:00.000Z,0
CVE-2017-17175,https://securityvulnerability.io/vulnerability/CVE-2017-17175,,"Short Message Service (SMS) module of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.354(C00) has a Denial of Service (DoS) vulnerability. An unauthenticated attacker may set up a pseudo base station, and send special malware text message to the phone, causing the mobile phone to fail to make calls and send and receive text messages.",McAfee,Mate 9 Pro,6.5,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2018-07-02T13:00:00.000Z,0
CVE-2017-17173,https://securityvulnerability.io/vulnerability/CVE-2017-17173,,"Due to insufficient parameters verification GPU driver of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.356(C00) has an arbitrary memory free vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to driver to release special kernel memory resource. Successful exploit may result in phone crash or arbitrary code execution.",McAfee,Mate 9 Pro,7.8,HIGH,0.0007200000109151006,false,,false,false,false,,,false,false,,2018-06-14T14:00:00.000Z,0
CVE-2018-7930,https://securityvulnerability.io/vulnerability/CVE-2018-7930,,"The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's mobile phone using the NFC function, the attacker can obtain arbitrary files from the mobile phone, causing information leaks.",McAfee,Mate 9,5.7,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2018-04-11T17:00:00.000Z,0
CVE-2017-17320,https://securityvulnerability.io/vulnerability/CVE-2017-17320,,"Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in malicious code execution.",McAfee,Mate 9 Pro,7.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2018-03-20T15:00:00.000Z,0
CVE-2017-17279,https://securityvulnerability.io/vulnerability/CVE-2017-17279,,"The soundtrigger module in Huawei Mate 9 Pro smart phones with software of the versions before LON-AL00B 8.0.0.343(C00) has an authentication bypass vulnerability due to the improper design of the module. An attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability and make attacker bypass the authentication, the attacker can control the phone to sent short messages and make call within audio range to the phone.",McAfee,Mate 9 Pro,5.5,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2018-03-09T17:00:00.000Z,0
CVE-2017-17225,https://securityvulnerability.io/vulnerability/CVE-2017-17225,,The Near Field Communication (NFC) module in Huawei Mate 9 Pro mobile phones with the versions before LON-AL00B 8.0.0.340a(C00) has a buffer overflow vulnerability due to the lack of input validation. An attacker may use an NFC card reader or another device to inject malicious data into a target mobile phone. Successful exploit could lead to system restart or arbitrary code execution.,McAfee,Mate 9 Pro,8.8,HIGH,0.0011399999493733048,false,,false,false,false,,,false,false,,2018-03-09T17:00:00.000Z,0
CVE-2017-17326,https://securityvulnerability.io/vulnerability/CVE-2017-17326,,Huawei Mate 9 Pro Smartphones with software of LON-AL00BC00B139D; LON-AL00BC00B229 have an activation lock bypass vulnerability. The smartphone is supposed to be activated by the former account after reset if find my phone function is on. The software does not have a sufficient protection of activation lock. Successful exploit could allow an attacker to bypass the activation lock and activate the smartphone by a new account after a series of operation.,McAfee,Mate 9 Pro,4.6,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2018-03-09T17:00:00.000Z,0
CVE-2017-17324,https://securityvulnerability.io/vulnerability/CVE-2017-17324,,"Huawei Mate 9 Pro smartphones with software LON-AL00BC00B139D; LON-AL00BC00B229 have an integer overflow vulnerability. The camera driver does not validate the external input parameters and causes an integer overflow, which in the after processing results in a buffer overflow. An attacker tricks the user to install a crafted application, successful exploit could cause malicious code execution.",McAfee,Mate 9 Pro,7.8,HIGH,0.001069999998435378,false,,false,false,false,,,false,false,,2018-03-09T17:00:00.000Z,0
CVE-2017-17139,https://securityvulnerability.io/vulnerability/CVE-2017-17139,,Huawei Mate 9 and Mate 9 pro smart phones with software the versions before MHA-AL00B 8.0.0.334(C00); the versions before LON-AL00B 8.0.0.334(C00) have a information leak vulnerability in the date service proxy implementation. An attacker may trick a user into installing a malicious application and application can exploit the vulnerability to get kernel date which may cause sensitive information leak.,McAfee,Mate 9; Mate 9 Pro,5.5,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2018-03-05T19:29:00.000Z,0
CVE-2017-15347,https://securityvulnerability.io/vulnerability/CVE-2017-15347,,"Huawei Mate 9 Pro mobile phones with software of versions earlier than LON-AL00BC00B235 have a use after free (UAF) vulnerability. An attacker tricks a user into installing a malicious application, and the application can riggers access memory after free it. A local attacker may exploit this vulnerability to cause the mobile phone to crash.",McAfee,Mate 9 Pro,5.5,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2018-02-15T16:00:00.000Z,0
CVE-2017-15316,https://securityvulnerability.io/vulnerability/CVE-2017-15316,,"The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334(C00) has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can call special API, which triggers double free and causes a system crash or arbitrary code execution.",McAfee,"Mate 9,Mate 9 Pro",7.8,HIGH,0.0009500000160187483,false,,false,false,false,,,false,false,,2017-12-22T17:29:00.000Z,0
CVE-2017-15311,https://securityvulnerability.io/vulnerability/CVE-2017-15311,,"The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of parameter validation. An attacker could send malicious packets to the smart phones within radio range by special wireless device, which leads stack overflow when the baseband module handles these packets. The attacker could exploit this vulnerability to perform a denial of service attack or remote code execution in baseband module.",McAfee,"Mate 10,Mate 10 Pro,Mate 9,Mate 9 Pro",8.8,HIGH,0.006279999855905771,false,,false,false,false,,,false,false,,2017-12-22T17:29:00.000Z,0
CVE-2017-2702,https://securityvulnerability.io/vulnerability/CVE-2017-2702,,Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner of the phone.,McAfee,Mate 9,6.8,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2017-11-22T19:29:00.000Z,0
CVE-2017-2707,https://securityvulnerability.io/vulnerability/CVE-2017-2707,,"Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send message.",McAfee,Mate 9,7.1,HIGH,0.0006099999882280827,false,,false,false,false,,,false,false,,2017-11-22T19:29:00.000Z,0
CVE-2017-2706,https://securityvulnerability.io/vulnerability/CVE-2017-2706,,"Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and impact the service.",McAfee,Mate 9,7.1,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2017-11-22T19:29:00.000Z,0
CVE-2017-2703,https://securityvulnerability.io/vulnerability/CVE-2017-2703,,"Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier before EVA-DL10C00B373,Versions earlier before EVA-TL10C00B373 can be bypass. An attacker can bypass the Phone Finder by special steps and enter the System Setting.",McAfee,"Mate 9, P9",6.8,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2017-11-22T19:29:00.000Z,0
CVE-2017-2701,https://securityvulnerability.io/vulnerability/CVE-2017-2701,,"Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application. Since the system does not verify the broadcasting message from the application, it could be exploited to cause some functions of system unavailable.",McAfee,Mate 9,3.3,LOW,0.0006300000241026282,false,,false,false,false,,,false,false,,2017-11-22T19:29:00.000Z,0
CVE-2017-8142,https://securityvulnerability.io/vulnerability/CVE-2017-8142,,"The Trusted Execution Environment (TEE) module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free (UAF) vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to create and free specific memory, which could triggers access memory after free it and causes a system crash or arbitrary code execution.",McAfee,"Mate 9, Mate 9 Pro",7.8,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2017-11-22T19:29:00.000Z,0
CVE-2017-2716,https://securityvulnerability.io/vulnerability/CVE-2017-2716,,"The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 has buffer overflow vulnerability. An attacker tricks a user into installing a malicious application which has the system privilege of the Android system and sends a specific parameter to the driver of the smart phone, causing a system crash or privilege escalation.",McAfee,Mate 9,7.8,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2017-11-22T19:29:00.000Z,0
CVE-2017-8165,https://securityvulnerability.io/vulnerability/CVE-2017-8165,,Mate 9 Huawei smart phones with versions earlier than MHA-AL00BC00B233 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Successful exploitation may cause sensitive information leak.,McAfee,Mate 9,5.5,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2017-11-17T00:00:00.000Z,0