Vendor CVEs
Huawei
All CVEs
2,253 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2723 | Med | 0.44 | 6.7 | 0.00 | Nov 22, 2017 | The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to… | ||
| CVE-2017-2703 | Med | 0.44 | 6.8 | 0.00 | Nov 22, 2017 | Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier… | ||
| CVE-2017-2702 | Med | 0.44 | 6.8 | 0.00 | Nov 22, 2017 | Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner of the phone. | ||
| CVE-2017-2691 | Med | 0.44 | 6.8 | 0.00 | Nov 22, 2017 | Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot… | ||
| CVE-2015-6592 | Med | 0.44 | 6.8 | 0.00 | Sep 25, 2017 | Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require authentication to the serial port or the VxWorks shell. | ||
| CVE-2016-8793 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2017 | Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before… | ||
| CVE-2016-8775 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2017 | Touch Panel (TP) driver in Huawei NEM phones with software Versions before NEM-AL10C00B130, Versions before NEM-UL10C17B160, Versions before NEM-UL10C00B160, Versions before NEM-TL00C01B160 allows attackers to get root privilege or crash the system or execute arbitrary code,… | ||
| CVE-2016-8774 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2017 | The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368,… | ||
| CVE-2015-8673 | Med | 0.44 | 6.8 | 0.00 | Jan 12, 2016 | Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 do not require entry of the old password when changing the password for the Debug account, which allows physically proximate attackers to change the password by… | ||
| CVE-2026-41976 | Med | 0.43 | 6.6 | 0.00 | Jun 9, 2026 | Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||
| CVE-2020-1796 | Med | 0.43 | 6.6 | 0.00 | Mar 20, 2020 | There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product… | ||
| CVE-2020-1787 | Med | 0.43 | 6.6 | 0.00 | Jan 9, 2020 | HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. The system has a logic error under certain scenario, successful exploit could allow the attacker who gains the privilege of guest user to access to the host… | ||
| CVE-2016-6898 | Med | 0.43 | 6.6 | 0.01 | Sep 7, 2016 | XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service (web service outage) via a crafted XML document. | ||
| CVE-2026-41982 | Med | 0.42 | 6.4 | 0.00 | Jun 9, 2026 | Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability. | ||
| CVE-2022-48314 | Med | 0.42 | 6.5 | 0.00 | Apr 16, 2023 | The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. | ||
| CVE-2022-48313 | Med | 0.42 | 6.5 | 0.00 | Apr 16, 2023 | The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. | ||
| CVE-2022-48355 | Med | 0.42 | 6.5 | 0.00 | Mar 27, 2023 | The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash. | ||
| CVE-2022-48354 | Med | 0.42 | 6.5 | 0.00 | Mar 27, 2023 | The Bluetooth module has a heap out-of-bounds write vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash. | ||
| CVE-2022-48291 | Med | 0.42 | 6.5 | 0.00 | Mar 27, 2023 | The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. | ||
| CVE-2022-48293 | Med | 0.42 | 6.5 | 0.00 | Feb 9, 2023 | The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | ||
| CVE-2022-48292 | Med | 0.42 | 6.5 | 0.00 | Feb 9, 2023 | The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | ||
| CVE-2022-47974 | Med | 0.42 | 6.5 | 0.00 | Jan 6, 2023 | The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation of this vulnerability may cause the Bluetooth process to restart. | ||
| CVE-2022-46740 | Med | 0.42 | 6.5 | 0.00 | Dec 28, 2022 | There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service (DoS) condition. | ||
| CVE-2022-33735 | Med | 0.42 | 6.5 | 0.00 | Sep 20, 2022 | There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may use brute force cracking to obtain passwords, which may cause sensitive system information to be disclosed. | ||
| CVE-2022-34741 | Med | 0.42 | 6.5 | 0.00 | Jul 12, 2022 | The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. | ||
| CVE-2022-34740 | Med | 0.42 | 6.5 | 0.00 | Jul 12, 2022 | The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. | ||
| CVE-2021-40016 | Med | 0.42 | 6.5 | 0.00 | Jul 12, 2022 | Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality. | ||
| CVE-2021-40013 | Med | 0.42 | 6.5 | 0.00 | Jul 12, 2022 | Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity. | ||
| CVE-2021-40059 | Med | 0.42 | 6.5 | 0.00 | Mar 10, 2022 | There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality. | ||
| CVE-2021-40042 | Med | 0.42 | 6.5 | 0.01 | Jan 31, 2022 | There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800,… | ||
| CVE-2021-40007 | Med | 0.42 | 6.5 | 0.01 | Dec 13, 2021 | There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure. | ||
| CVE-2021-37039 | Med | 0.42 | 6.5 | 0.00 | Dec 8, 2021 | There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS. | ||
| CVE-2021-39995 | Med | 0.42 | 6.5 | 0.01 | Nov 29, 2021 | Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS… | ||
| CVE-2021-37023 | Med | 0.42 | 6.5 | 0.01 | Nov 23, 2021 | There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause media files which can be reads and writes in non-distributed directories on any device on the network.. | ||
| CVE-2021-37124 | Med | 0.42 | 6.5 | 0.00 | Oct 27, 2021 | There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport… | ||
| CVE-2021-37122 | Med | 0.42 | 6.5 | 0.00 | Oct 27, 2021 | There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800… | ||
| CVE-2021-22382 | Med | 0.42 | 6.5 | 0.00 | Jun 22, 2021 | Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a PC to induce a user to install a specially crafted application. After successfully exploiting this vulnerability, the attacker can perform… | ||
| CVE-2021-22411 | Med | 0.42 | 6.5 | 0.01 | May 27, 2021 | There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise… | ||
| CVE-2021-22339 | Med | 0.42 | 6.5 | 0.00 | May 20, 2021 | There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios, due to the insufficient verification of the parameter, an attacker may craft some specific parameter. Successful exploit may cause some services abnormal. | ||
| CVE-2021-22330 | Med | 0.42 | 6.5 | 0.00 | Apr 28, 2021 | There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation… | ||
| CVE-2021-22327 | Med | 0.42 | 6.5 | 0.01 | Apr 28, 2021 | There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions… | ||
| CVE-2021-22312 | Med | 0.42 | 6.5 | 0.01 | Apr 8, 2021 | There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service… | ||
| CVE-2020-9212 | Med | 0.42 | 6.5 | 0.01 | Mar 22, 2021 | There is a vulnerability in some version of USG9500 that the device improperly handles the information when a user logs in to device. The attacker can exploit the vulnerability to perform some operation and can get information and cause information leak. | ||
| CVE-2021-22298 | Med | 0.42 | 6.5 | 0.01 | Feb 6, 2021 | There is a logic vulnerability in Huawei Gauss100 OLTP Product. An attacker with certain permissions could perform specific SQL statement to exploit this vulnerability. Due to insufficient security design, successful exploit can cause service abnormal. Affected product versions… | ||
| CVE-2020-1866 | Med | 0.42 | 6.5 | 0.00 | Jan 13, 2021 | There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions… | ||
| CVE-2020-1865 | Med | 0.42 | 6.5 | 0.00 | Jan 13, 2021 | There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of… | ||
| CVE-2020-9208 | Med | 0.42 | 6.5 | 0.01 | Dec 29, 2020 | There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain extra information, leading to information leak. | ||
| CVE-2020-9201 | Med | 0.42 | 6.5 | 0.00 | Dec 24, 2020 | There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service abnormal. | ||
| CVE-2020-9238 | Med | 0.42 | 6.5 | 0.00 | Oct 12, 2020 | Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected… | ||
| CVE-2020-9230 | Med | 0.42 | 6.5 | 0.00 | Oct 12, 2020 | WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of specific message, an attacker may exploit this vulnerability to cause specific function to become abnormal. |
- risk 0.44cvss 6.7epss 0.00
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to…
- risk 0.44cvss 6.8epss 0.00
Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier…
- risk 0.44cvss 6.8epss 0.00
Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner of the phone.
- risk 0.44cvss 6.8epss 0.00
Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot…
- risk 0.44cvss 6.8epss 0.00
Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require authentication to the serial port or the VxWorks shell.
- risk 0.44cvss 6.7epss 0.00
Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before…
- risk 0.44cvss 6.7epss 0.00
Touch Panel (TP) driver in Huawei NEM phones with software Versions before NEM-AL10C00B130, Versions before NEM-UL10C17B160, Versions before NEM-UL10C00B160, Versions before NEM-TL00C01B160 allows attackers to get root privilege or crash the system or execute arbitrary code,…
- risk 0.44cvss 6.7epss 0.00
The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368,…
- risk 0.44cvss 6.8epss 0.00
Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 do not require entry of the old password when changing the password for the Debug account, which allows physically proximate attackers to change the password by…
- risk 0.43cvss 6.6epss 0.00
Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- risk 0.43cvss 6.6epss 0.00
There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product…
- risk 0.43cvss 6.6epss 0.00
HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. The system has a logic error under certain scenario, successful exploit could allow the attacker who gains the privilege of guest user to access to the host…
- risk 0.43cvss 6.6epss 0.01
XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service (web service outage) via a crafted XML document.
- risk 0.42cvss 6.4epss 0.00
Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability.
- risk 0.42cvss 6.5epss 0.00
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.
- risk 0.42cvss 6.5epss 0.00
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.
- risk 0.42cvss 6.5epss 0.00
The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash.
- risk 0.42cvss 6.5epss 0.00
The Bluetooth module has a heap out-of-bounds write vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash.
- risk 0.42cvss 6.5epss 0.00
The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.
- risk 0.42cvss 6.5epss 0.00
The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- risk 0.42cvss 6.5epss 0.00
The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- risk 0.42cvss 6.5epss 0.00
The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation of this vulnerability may cause the Bluetooth process to restart.
- risk 0.42cvss 6.5epss 0.00
There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service (DoS) condition.
- risk 0.42cvss 6.5epss 0.00
There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may use brute force cracking to obtain passwords, which may cause sensitive system information to be disclosed.
- risk 0.42cvss 6.5epss 0.00
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
- risk 0.42cvss 6.5epss 0.00
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
- risk 0.42cvss 6.5epss 0.00
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.
- risk 0.42cvss 6.5epss 0.00
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.
- risk 0.42cvss 6.5epss 0.00
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality.
- risk 0.42cvss 6.5epss 0.01
There is a release of invalid pointer vulnerability in some Huawei products, successful exploit may cause the process and service abnormal. Affected product versions include: CloudEngine 12800 V200R019C10SPC800, V200R019C10SPC900; CloudEngine 5800 V200R019C10SPC800,…
- risk 0.42cvss 6.5epss 0.01
There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure.
- risk 0.42cvss 6.5epss 0.00
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS.
- risk 0.42cvss 6.5epss 0.01
Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS…
- risk 0.42cvss 6.5epss 0.01
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause media files which can be reads and writes in non-distributed directories on any device on the network..
- risk 0.42cvss 6.5epss 0.00
There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport…
- risk 0.42cvss 6.5epss 0.00
There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800…
- risk 0.42cvss 6.5epss 0.00
Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker can locally access and log in to a PC to induce a user to install a specially crafted application. After successfully exploiting this vulnerability, the attacker can perform…
- risk 0.42cvss 6.5epss 0.01
There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise…
- risk 0.42cvss 6.5epss 0.00
There is a denial of service vulnerability in some versions of ManageOne. In specific scenarios, due to the insufficient verification of the parameter, an attacker may craft some specific parameter. Successful exploit may cause some services abnormal.
- risk 0.42cvss 6.5epss 0.00
There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation…
- risk 0.42cvss 6.5epss 0.01
There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions…
- risk 0.42cvss 6.5epss 0.01
There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service…
- risk 0.42cvss 6.5epss 0.01
There is a vulnerability in some version of USG9500 that the device improperly handles the information when a user logs in to device. The attacker can exploit the vulnerability to perform some operation and can get information and cause information leak.
- risk 0.42cvss 6.5epss 0.01
There is a logic vulnerability in Huawei Gauss100 OLTP Product. An attacker with certain permissions could perform specific SQL statement to exploit this vulnerability. Due to insufficient security design, successful exploit can cause service abnormal. Affected product versions…
- risk 0.42cvss 6.5epss 0.00
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions…
- risk 0.42cvss 6.5epss 0.00
There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of…
- risk 0.42cvss 6.5epss 0.01
There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain extra information, leading to information leak.
- risk 0.42cvss 6.5epss 0.00
There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service abnormal.
- risk 0.42cvss 6.5epss 0.00
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected…
- risk 0.42cvss 6.5epss 0.00
WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of specific message, an attacker may exploit this vulnerability to cause specific function to become abnormal.
Page 22 of 46