Vulnerabilities (CVE)

Filtered by vendor Huawei Subscribe
Filtered by product Yalep-al10b
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9247 1 Huawei 26 Hima-l29c, Hima-l29c Firmware, Honor 20 Pro and 23 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.
CVE-2020-0069 2 Google, Huawei 57 Android, Berkeley-l09, Berkeley-l09 Firmware and 54 more 2024-11-21 7.2 HIGH 7.8 HIGH
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754
CVE-2019-9506 8 Apple, Blackberry, Canonical and 5 more 274 Iphone Os, Mac Os X, Tvos and 271 more 2024-11-21 4.8 MEDIUM 8.1 HIGH
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.