VYPR

Vendor CVEs

Huawei

All CVEs

2,254 total · sorted by risk
  • CVE-2026-34860MedApr 13, 2026
    risk 0.27cvss 4.1epss 0.00

    Access control vulnerability in the memo module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

  • CVE-2025-49599MedJun 6, 2025
    risk 0.27cvss 4.1epss 0.00

    Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and EG8145V5-V2 devices through V5R021C00S184 allow the Epuser account to disable ONT firewall functionality, e.g., to remove the default blocking of the SSH and TELNET TCP ports, aka…

  • CVE-2017-17171MedJun 1, 2018
    risk 0.27cvss 4.2epss 0.00

    Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful…

  • CVE-2017-8196MedNov 22, 2017
    risk 0.27cvss 4.2epss 0.00

    FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization vulnerability. An authenticated attacker could execute commands that he/she should have had no permission to perform, thereby querying, modifying, and deleting certain service data and making the service…

  • CVE-2025-66329MedDec 8, 2025
    risk 0.26cvss 4.0epss 0.00

    Permission control vulnerability in the window management module. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2015-8303MedJan 8, 2016
    risk 0.26cvss 4.0epss 0.00

    Huawei Document Security Management (DSM) with software before V100R002C05SPC661 does not clear the clipboard when closing a secure file, which allows local users to obtain sensitive information by pasting the contents to another file.

  • CVE-2018-7947LowJul 31, 2018
    risk 0.25cvss 3.9epss 0.00

    Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to…

  • CVE-2017-17149LowMar 9, 2018
    risk 0.25cvss 3.9epss 0.00

    Huawei HiWallet App with the versions before 8.0.4 has an arbitrary lock pattern change vulnerability. It needs to verify the user's Huawei ID during lock pattern change. An attacker with root privilege who gets a user's smart phone may bypass Huawei ID verification by special…

  • CVE-2017-17317LowJul 2, 2018
    risk 0.24cvss 3.7epss 0.01

    Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace…

  • CVE-2017-17314LowApr 30, 2018
    risk 0.24cvss 3.7epss 0.01

    Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find…

  • CVE-2017-17325LowMar 9, 2018
    risk 0.24cvss 3.7epss 0.01

    Huawei video applications HiCinema with software of 8.0.3.308; 8.0.4.300 have a permission control vulnerability. Due to improper verification of specific interface, an attacker who is on the same network with the user can obtain some information through a man-in-the-middle…

  • CVE-2017-17141LowMar 5, 2018
    risk 0.24cvss 3.7epss 0.01

    Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T;…

  • CVE-2017-15353LowFeb 15, 2018
    risk 0.24cvss 3.7epss 0.01

    Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50,…

  • CVE-2017-15339LowFeb 15, 2018
    risk 0.24cvss 3.7epss 0.01

    The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00,…

  • CVE-2017-15338LowFeb 15, 2018
    risk 0.24cvss 3.7epss 0.01

    The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00,…

  • CVE-2017-15337LowFeb 15, 2018
    risk 0.24cvss 3.7epss 0.01

    The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00,…

  • CVE-2017-15321LowDec 22, 2017
    risk 0.24cvss 3.7epss 0.01

    Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) has an information leak vulnerability due to the use of a low version transmission protocol by default. An attacker could intercept packets transferred by a target device. Successful exploit could cause an information leak.

  • CVE-2015-8224LowSep 20, 2017
    risk 0.24cvss 3.7epss 0.01

    Huawei P8 before GRA-CL00C92B210, before GRA-L09C432B200, before GRA-TL00C01B210, and before GRA-UL00C00B210 allows remote attackers to obtain user equipment (aka UE) measurements of signal strengths.

  • CVE-2016-5233LowJun 10, 2016
    risk 0.24cvss 3.7epss 0.01

    Huawei Mate 8 smartphones with software NXT-AL10 before NXT-AL10C00B182, NXT-CL00 before NXT-CL00C92B182, NXT-DL00 before NXT-DL00C17B182, and NXT-TL00 before NXT-TL00C01B182 allow remote base stations to obtain sensitive subscriber signal strength information via vectors…

  • CVE-2026-41974LowJun 9, 2026
    risk 0.23cvss 3.6epss 0.00

    Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2017-17280LowMar 9, 2018
    risk 0.23cvss 3.5epss 0.00

    NFC (Near Field Communication) module in Huawei mobile phones with software LON-AL00BC00 has an information leak vulnerability. The attacker has to trick a user to do some specific operations and then craft the NFC message to exploit this vulnerability. Successful exploit will…

  • CVE-2017-2730LowNov 22, 2017
    risk 0.23cvss 3.5epss 0.00

    HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUAWEI Tech Support APP (for IOS) versions earlier before 5.0.0 have an information leak vulnerability. When an iPhone with these APPs installed access the Wi-Fi hotpot built by attacker, the attacker can collect…

  • CVE-2018-7938LowSep 4, 2018
    risk 0.21cvss 3.3epss 0.01

    P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 have an information leak vulnerability due to the lack of permission validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can read some hardware…

  • CVE-2018-7957LowJul 31, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location additionally.

  • CVE-2017-17330LowMar 9, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei AR3200 V200R005C32; V200R006C10; V200R006C11; V200R007C00; V200R007C01; V200R007C02; V200R008C00; V200R008C10; V200R008C20; V200R008C30; NGFW Module V500R001C00; V500R001C20; V500R002C00 have a memory leak vulnerability. The software does not release allocated memory…

  • CVE-2017-17329LowMar 9, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability. The software does not release allocated memory properly when parse XML Schema data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system service abnormal since run…

  • CVE-2017-17321LowMar 9, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei eNSP software with software of versions earlier than V100R002C00B510 has a buffer overflow vulnerability. Due to the improper validation of specific command line parameter, a local attacker could exploit this vulnerability to cause the software process abnormal.

  • CVE-2017-17302LowFeb 15, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. An authenticated, local attacker may craft and load…

  • CVE-2017-17294LowFeb 15, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01,…

  • CVE-2017-17293LowFeb 15, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01,…

  • CVE-2017-17292LowFeb 15, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01,…

  • CVE-2017-17289LowFeb 15, 2018
    risk 0.21cvss 3.3epss 0.00

    Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. The software does not release…

  • CVE-2017-2701LowNov 22, 2017
    risk 0.21cvss 3.3epss 0.00

    Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application. Since the system does not verify the broadcasting message from the application, it could be exploited to cause some functions of…

  • CVE-2017-2694LowNov 22, 2017
    risk 0.21cvss 3.3epss 0.01

    The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will be played suddenly,…

  • CVE-2016-8757LowApr 2, 2017
    risk 0.21cvss 3.3epss 0.01

    ION memory management module in Huawei P9 phones with software EVA-AL10C00B192 and earlier versions, EVA-DL10C00B192 and earlier versions, EVA-TL10C00B192 and earlier versions, EVA-CL10C00B192 and earlier versions allows attackers to obtain sensitive information from…

  • CVE-2015-2246LowApr 2, 2017
    risk 0.21cvss 3.3epss 0.00

    The MeWidget module on Huawei P7 smartphones with software P7-L10 V100R001C00B136 and earlier versions could lead to the disclosure of contact information.

  • CVE-2014-8571LowApr 2, 2017
    risk 0.21cvss 3.3epss 0.00

    Apps on Huawei Ascend P6 mobile phones with software EDGE-U00 V100R001C17B508SP01 and earlier versions before V100R001C17B508SP02; EDGE-T00 V100R001C01B508SP01 and earlier versions before V100R001C01B508SP02; EDGE-C00 V100R001C92B508SP02 and earlier versions before…

  • CVE-2017-17282LowMar 9, 2018
    risk 0.20cvss 3.1epss 0.00

    SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer…

  • CVE-2017-15352LowFeb 15, 2018
    risk 0.20cvss 3.1epss 0.00

    Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10,…

  • CVE-2017-2739LowNov 22, 2017
    risk 0.20cvss 3.1epss 0.00

    The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. A man in the middle (MITM) can tamper with the upgrade package of Huawei Vmall APP, and to implant the malicious applications.

  • CVE-2026-41986LowJun 9, 2026
    risk 0.16cvss 2.4epss 0.00

    Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2026-34849LowApr 13, 2026
    risk 0.16cvss 2.5epss 0.00

    UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2017-2705LowNov 22, 2017
    risk 0.16cvss 2.4epss 0.00

    Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a phone activation bypass…

  • CVE-2017-15307LowDec 22, 2017
    risk 0.15cvss 2.3epss 0.00

    Huawei Honor 8 smartphone with software versions earlier than FRD-L04C567B389 and earlier than FRD-L14C567B389 have a permission control vulnerability due to improper authorization configuration on specific device information.

  • CVE-2017-8118LowNov 22, 2017
    risk 0.15cvss 2.3epss 0.00

    The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak.

  • CVE-2026-34851LowApr 13, 2026
    risk 0.14cvss 2.2epss 0.00

    Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2026-34850LowApr 13, 2026
    risk 0.12cvss 1.9epss 0.00

    Race condition vulnerability in the notification service. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2015-7254Nov 7, 2015
    risk 0.05cvss epss 0.28

    Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI.

  • CVE-2014-9418Dec 24, 2014
    risk 0.03cvss epss 0.01

    The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified vectors.

  • CVE-2014-9417Dec 24, 2014
    risk 0.03cvss epss 0.01

    The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted image.

Page 12 of 46