Nova 3 Firmware

nova_3_firmware

Vendor: Huawei • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-0069 2Google Huawei 29Android Berkeley L09 FirmwareColumbia Al10b Firmware+26 more Oct 23, 2025 Mar 10, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privileg...Show more In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754Show less
CVE-2020-0022 2Google Huawei 22Android Honor 8a FirmwareHonor 8x Firmware+19 more Nov 21, 2024 Feb 13, 2020 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privi...Show more In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715Show less
CVE-2019-2215 5Canonical DebianGoogle+2 more 77A220 Firmware A320 FirmwareA800 Firmware+74 more Oct 24, 2025 Oct 11, 2019 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installat...Show more A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095Show less
CVE-2019-9506 7Apple CanonicalDebian+4 more 147Alp Al00b Firmware AndroidAres Al00b Firmware+144 more Nov 21, 2024 Aug 14, 2019 N/A· v4 8.1 HIGH· v3 4.8 MEDIUM· v2 The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-...Show more The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.Show less
CVE-2018-7956 1Huawei 4Mate 20 Firmware Nova 3 FirmwareNova 3i Firmware+1 more Nov 21, 2024 Dec 4, 2018 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services...Show more Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information.Show less