VYPR

Vendor CVEs

Huawei

All CVEs

2,254 total · sorted by risk
  • CVE-2016-8794HigApr 2, 2017
    risk 0.46cvss 7.1epss 0.01

    Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before…

  • CVE-2016-8792HigApr 2, 2017
    risk 0.46cvss 7.1epss 0.01

    Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before…

  • CVE-2016-8791HigApr 2, 2017
    risk 0.46cvss 7.1epss 0.01

    Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before…

  • CVE-2016-6179HigSep 7, 2016
    risk 0.46cvss 7.0epss 0.00

    The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before H60-L12C00B850, and H60-L03 before H60-L03C01B850 allows attackers to cause a…

  • CVE-2016-6184HigSep 7, 2016
    risk 0.46cvss 7.0epss 0.00

    The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted…

  • CVE-2016-6183HigSep 7, 2016
    risk 0.46cvss 7.0epss 0.00

    The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted…

  • CVE-2016-6182HigSep 7, 2016
    risk 0.46cvss 7.0epss 0.01

    The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted…

  • CVE-2016-6181HigSep 7, 2016
    risk 0.46cvss 7.0epss 0.00

    The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted…

  • CVE-2016-6180HigSep 7, 2016
    risk 0.46cvss 7.0epss 0.00

    The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted…

  • CVE-2015-8333HigJan 11, 2016
    risk 0.46cvss 7.1epss 0.01

    The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 allows remote authenticated users to change the IP address of the media server via crafted packets.

  • CVE-2026-28553MedApr 13, 2026
    risk 0.45cvss 6.9epss 0.00

    Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2026-34864MedApr 13, 2026
    risk 0.44cvss 6.8epss 0.00

    Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2026-34863MedApr 13, 2026
    risk 0.44cvss 6.7epss 0.00

    Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2022-22259MedJun 13, 2022
    risk 0.44cvss 6.8epss 0.00

    There is an improper authentication vulnerability in FLMG-10 10.0.1.0(H100SP22C00). Successful exploitation of this vulnerability may lead to a control of the victim device.

  • CVE-2021-37101MedSep 9, 2021
    risk 0.44cvss 6.8epss 0.00

    There is an improper authorization vulnerability in AIS-BW50-00 9.0.6.2(H100SP10C00) and 9.0.6.2(H100SP15C00). Due to improper authorization mangement, an attakcer can exploit this vulnerability by physical accessing the device and implant malicious code. Successfully exploit…

  • CVE-2021-37028MedAug 13, 2021
    risk 0.44cvss 6.7epss 0.00

    There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands.

  • CVE-2021-22397MedAug 2, 2021
    risk 0.44cvss 6.7epss 0.00

    There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can…

  • CVE-2021-22316MedJun 3, 2021
    risk 0.44cvss 6.8epss 0.00

    There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device's data security and…

  • CVE-2020-9206MedMar 22, 2021
    risk 0.44cvss 6.7epss 0.00

    The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the device, as a result, the key file can be obtained and…

  • CVE-2021-22301MedFeb 6, 2021
    risk 0.44cvss 6.7epss 0.00

    Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow.

  • CVE-2020-9209MedJan 13, 2021
    risk 0.44cvss 6.7epss 0.00

    There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can…

  • CVE-2020-9125MedDec 29, 2020
    risk 0.44cvss 6.7epss 0.00

    There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2). An attacker with specific permission can exploit this vulnerability by sending crafted packet with specific parameter to the target device. Due to…

  • CVE-2020-9137MedDec 24, 2020
    risk 0.44cvss 6.7epss 0.00

    There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected…

  • CVE-2020-9129MedNov 13, 2020
    risk 0.44cvss 6.7epss 0.00

    HUAWEI Mate 30 versions earlier than 10.1.0.159(C00E159R7P2) have a vulnerability of improper buffer operation. Due to improper restrictions, local attackers with high privileges can exploit the vulnerability to cause system heap overflow.

  • CVE-2020-9127MedNov 13, 2020
    risk 0.44cvss 6.7epss 0.00

    Some Huawei products have a command injection vulnerability. Due to insufficient input validation, an attacker with high privilege may inject some malicious codes in some files of the affected products. Successful exploit may cause command injection.Affected product versions…

  • CVE-2020-9105MedOct 9, 2020
    risk 0.44cvss 6.7epss 0.00

    Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of…

  • CVE-2020-9199MedSep 3, 2020
    risk 0.44cvss 6.8epss 0.01

    B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can…

  • CVE-2020-9237MedAug 17, 2020
    risk 0.44cvss 6.7epss 0.00

    Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126(C00E125R5P3) have a user after free vulnerability. A module is lack of lock protection. Attackers can exploit this vulnerability by launching specific request. This could compromise normal service of the…

  • CVE-2020-9244MedAug 11, 2020
    risk 0.44cvss 6.8epss 0.00

    HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier…

  • CVE-2020-9248MedJul 31, 2020
    risk 0.44cvss 6.7epss 0.00

    Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can compromise normal service.

  • CVE-2020-9076MedJun 15, 2020
    risk 0.44cvss 6.8epss 0.01

    HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11); versions earlier than 10.1.0.135(C00E135R2P8), versions earlier than 10.1.0.135 have an improper authentication vulnerability. Due to the identity of the message sender not…

  • CVE-2020-1813MedJun 15, 2020
    risk 0.44cvss 6.8epss 0.00

    HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface without authentication. Successful…

  • CVE-2020-9072MedApr 27, 2020
    risk 0.44cvss 6.7epss 0.00

    Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a local privilege escalation vulnerability. An authenticated, local attacker can constructs a specific file path to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher…

  • CVE-2020-1842MedFeb 18, 2020
    risk 0.44cvss 6.8epss 0.00

    Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version 1.0.0.71(SP1); and OSCA-550AX and OSCA-550X version 1.0.0.71(SP2) have an insufficient authentication vulnerability. An attacker can access the device physically and perform specific operations to exploit this…

  • CVE-2020-1843MedFeb 18, 2020
    risk 0.44cvss 6.8epss 0.00

    Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit…

  • CVE-2020-1789MedFeb 18, 2020
    risk 0.44cvss 6.8epss 0.00

    Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with version 1.0.1.21(SP3) have an insufficient authentication vulnerability. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an…

  • CVE-2019-5300MedJun 4, 2019
    risk 0.44cvss 6.7epss 0.00

    There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the…

  • CVE-2019-5298MedJun 4, 2019
    risk 0.44cvss 6.8epss 0.00

    There is an improper authentication vulnerability in some Huawei AP products before version V200R009C00SPC800. Due to the improper implementation of authentication for the serial port, an attacker could exploit this vulnerability by connecting to the affected products and…

  • CVE-2019-5215MedJun 4, 2019
    risk 0.44cvss 6.8epss 0.00

    There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei…

  • CVE-2018-7925MedNov 13, 2018
    risk 0.44cvss 6.8epss 0.00

    The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability.

  • CVE-2018-7910MedNov 13, 2018
    risk 0.44cvss 6.8epss 0.00

    Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432), 8.0.0.137(C432) have an authentication bypass vulnerability. When the attacker obtains…

  • CVE-2017-17176MedOct 17, 2018
    risk 0.44cvss 6.7epss 0.00

    The hardware security module of Mate 9 and Mate 9 Pro Huawei smart phones with the versions earlier before MHA-AL00BC00B156, versions earlier before MHA-CL00BC00B156, versions earlier before MHA-DL00BC00B156, versions earlier before MHA-TL00BC00B156, versions earlier before…

  • CVE-2018-7929MedSep 18, 2018
    risk 0.44cvss 6.8epss 0.00

    Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain operations.

  • CVE-2018-7944MedJul 5, 2018
    risk 0.44cvss 6.8epss 0.00

    Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the…

  • CVE-2017-17161MedFeb 15, 2018
    risk 0.44cvss 6.8epss 0.00

    The 'Find Phone' function in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions has an authentication bypass vulnerability. Due to improper authentication realization in the…

  • CVE-2017-15351MedFeb 15, 2018
    risk 0.44cvss 6.8epss 0.00

    The 'Find Phone' function in Huawei Honor V9 play smart phones with versions earlier than Jimmy-AL00AC00B135 has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass…

  • CVE-2017-8206MedNov 22, 2017
    risk 0.44cvss 6.8epss 0.00

    HONOR 7 Lite mobile phones with software of versions earlier than NEM-L21C432B352 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone temporarily.

  • CVE-2017-8190MedNov 22, 2017
    risk 0.44cvss 6.7epss 0.00

    FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software.

  • CVE-2017-8166MedNov 22, 2017
    risk 0.44cvss 6.8epss 0.00

    Huawei mobile phones Honor V9 with the software versions before Duke-AL20C00B195 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone.

  • CVE-2017-8156MedNov 22, 2017
    risk 0.44cvss 6.8epss 0.00

    The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. An attacker can access the serial port on the circuit board of the outdoor unit and log in to the CPE without authentication. Successful…

Page 21 of 46