Skip to main content

Princeton Al10B Firmware

6 CVEs product

Monthly

CVE-2020-9247 HIGH This Week

There is a buffer overflow vulnerability in several Huawei products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Honor 20 Pro Firmware Mate 20 Firmware +11
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-9235 MEDIUM This Month

Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Honor 20 Pro Firmware Honor View 20 Firmware Oxfords An00A Firmware +7
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0069 HIGH KEV THREAT This Week

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Mediatek Buffer Overflow Privilege Escalation Memory Corruption Google +29
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-5235 MEDIUM This Month

Some Huawei smart phones have a null pointer dereference vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Huawei Denial Of Service Alp Al00B Firmware Alp Tl00B Firmware +48
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2019-2215 HIGH POC KEV PATCH THREAT Act Now

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Information Disclosure Memory Corruption Android +76
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
72.1%
CVE-2019-9506 HIGH This Week

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Android Iphone Os Mac Os X Tvos +143
NVD
CVSS 3.1
8.1
EPSS
2.7%
EPSS 1% CVSS 7.8
HIGH This Week

There is a buffer overflow vulnerability in several Huawei products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei +13
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Honor 20 Pro Firmware +9
NVD
EPSS 1% CVSS 7.8
HIGH KEV THREAT This Week

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Mediatek Buffer Overflow Privilege Escalation +31
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Some Huawei smart phones have a null pointer dereference vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Huawei Denial Of Service +50
NVD
EPSS 72% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Information Disclosure +78
NVD Exploit-DB
EPSS 3% CVSS 8.1
HIGH This Week

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Android Iphone Os +145
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy