Skip to main content

Tony Tl00B Firmware

5 CVEs product

Monthly

CVE-2020-9109 MEDIUM This Month

There is an information disclosure vulnerability in several smartphones. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Information Disclosure Mate 20 Firmware Mate 20 X Firmware +4
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-0069 HIGH KEV THREAT This Week

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Mediatek Buffer Overflow Privilege Escalation Memory Corruption Google +29
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2019-5235 MEDIUM This Month

Some Huawei smart phones have a null pointer dereference vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Huawei Denial Of Service Alp Al00B Firmware Alp Tl00B Firmware +48
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2019-2215 HIGH POC KEV PATCH THREAT Act Now

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Information Disclosure Memory Corruption Android +76
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
72.1%
CVE-2019-9506 HIGH This Week

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Android Iphone Os Mac Os X Tvos +143
NVD
CVSS 3.1
8.1
EPSS
2.7%
EPSS 0% CVSS 4.6
MEDIUM This Month

There is an information disclosure vulnerability in several smartphones. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Information Disclosure +6
NVD
EPSS 1% CVSS 7.8
HIGH KEV THREAT This Week

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Mediatek Buffer Overflow Privilege Escalation +31
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Some Huawei smart phones have a null pointer dereference vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Huawei Denial Of Service +50
NVD
EPSS 72% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Linux Information Disclosure +78
NVD Exploit-DB
EPSS 3% CVSS 8.1
HIGH This Week

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Android Iphone Os +145
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy