Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-5252 | 1 Huawei | 12 Enjoy 8 Plus, Enjoy 8 Plus Firmware, Honor 8x and 9 more | 2019-12-26 | 3.6 LOW | 3.5 LOW |
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant. | |||||
CVE-2017-17140 | 1 Huawei | 4 Enjoy 5s, Enjoy 5s Firmware, Y6 Pro and 1 more | 2018-03-27 | 4.3 MEDIUM | 5.5 MEDIUM |
Huawei Enjoy 5s and Y6 Pro smartphones with software the versions before TAG-AL00C92B170; the versions before TIT-L01C576B121 have an information leak vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious application on the smart phone and the application can read some sensitive information in kernel memory which may cause sensitive information leak. | |||||
CVE-2017-2735 | 1 Huawei | 2 Y6 Pro, Y6 Pro Firmware | 2017-12-11 | 5.8 MEDIUM | 7.1 HIGH |
TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system interface vulnerability. The software provides a system interface for interaction with external applications, but calling the interface is not properly restricted. An attacker could trick the user into installing a malicious application to call the interface and modify the system properties. |