Skip to main content

Tony Al00B Firmware

9 CVEs product

Monthly

CVE-2021-22440 MEDIUM This Month

There is a path traversal vulnerability in some Huawei products. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Mate 20 Firmware Mate 20 Pro Firmware Hima L29C Firmware +3
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-9247 HIGH This Week

There is a buffer overflow vulnerability in several Huawei products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Honor 20 Pro Firmware Mate 20 Firmware +11
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-9109 MEDIUM This Month

There is an information disclosure vulnerability in several smartphones. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Information Disclosure Mate 20 Firmware Mate 20 X Firmware +4
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-9235 MEDIUM This Month

Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Honor 20 Pro Firmware Honor View 20 Firmware Oxfords An00A Firmware +7
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-9076 MEDIUM This Month

HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Authentication Bypass P30 Firmware P30 Pro Firmware Tony Al00B Firmware
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2020-0069 HIGH KEV THREAT This Week

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Mediatek Buffer Overflow Privilege Escalation Memory Corruption Google +29
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-5235 MEDIUM This Month

Some Huawei smart phones have a null pointer dereference vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Huawei Denial Of Service Alp Al00B Firmware Alp Tl00B Firmware +48
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2019-2215 HIGH POC KEV PATCH THREAT Act Now

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Information Disclosure Memory Corruption Android +76
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
72.1%
CVE-2019-9506 HIGH This Week

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Android Iphone Os Mac Os X Tvos +143
NVD
CVSS 3.1
8.1
EPSS
2.7%
EPSS 0% CVSS 4.6
MEDIUM This Month

There is a path traversal vulnerability in some Huawei products. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Path Traversal Mate 20 Firmware +5
NVD
EPSS 1% CVSS 7.8
HIGH This Week

There is a buffer overflow vulnerability in several Huawei products. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei +13
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

There is an information disclosure vulnerability in several smartphones. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Information Disclosure +6
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Honor 20 Pro Firmware +9
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Authentication Bypass P30 Firmware +2
NVD
EPSS 1% CVSS 7.8
HIGH KEV THREAT This Week

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Mediatek Buffer Overflow Privilege Escalation +31
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Some Huawei smart phones have a null pointer dereference vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Huawei Denial Of Service +50
NVD
EPSS 72% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Information Disclosure +78
NVD Exploit-DB
EPSS 3% CVSS 8.1
HIGH This Week

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Android Iphone Os +145
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy