Files
by Huawei
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2715 | Hig | 0.51 | 7.8 | 0.00 | Nov 22, 2017 | The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe… | ||
| CVE-2017-2723 | Med | 0.44 | 6.7 | 0.00 | Nov 22, 2017 | The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to… | ||
| CVE-2026-26002 | 0.00 | — | 0.01 | Mar 4, 2026 | Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain… | |||
| CVE-2023-2112 | 0.00 | — | 0.00 | Apr 20, 2023 | Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0. |
- risk 0.51cvss 7.8epss 0.00
The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe…
- risk 0.44cvss 6.7epss 0.00
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to…
- CVE-2026-26002Mar 4, 2026risk 0.00cvss —epss 0.01
Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain…
- CVE-2023-2112Apr 20, 2023risk 0.00cvss —epss 0.00
Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0.