Vendor CVEs
Huawei
All CVEs
2,253 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-37082 | Med | 0.38 | 5.9 | 0.00 | Dec 7, 2021 | There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash. | ||
| CVE-2021-22356 | Med | 0.38 | 5.9 | 0.00 | Nov 23, 2021 | There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected… | ||
| CVE-2021-36987 | Med | 0.38 | 5.9 | 0.00 | Oct 28, 2021 | There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart. | ||
| CVE-2019-5253 | Med | 0.38 | 5.9 | 0.01 | Dec 13, 2019 | E5572-855 with versions earlier than 8.0.1.3(H335SP1C233) has an improper authentication vulnerability. The device does not perform a sufficient authentication when doing certain operations, successful exploit could allow an attacker to cause the device to reboot after launch a… | ||
| CVE-2018-7987 | Med | 0.38 | 5.9 | 0.01 | Dec 4, 2018 | There is an out-of-bounds write vulnerability on Huawei P20 smartphones with versions before 8.1.0.171(C00). The software does not handle the response message properly when the user doing certain inquiry operation, an attacker could send crafted message to the device, successful… | ||
| CVE-2018-7959 | Med | 0.38 | 5.9 | 0.01 | Nov 27, 2018 | There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information… | ||
| CVE-2017-17305 | Med | 0.38 | 5.9 | 0.01 | Aug 21, 2018 | Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by… | ||
| CVE-2017-17174 | Med | 0.38 | 5.9 | 0.01 | Jul 31, 2018 | Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS… | ||
| CVE-2017-17217 | Med | 0.38 | 5.9 | 0.01 | Mar 9, 2018 | Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds… | ||
| CVE-2017-17216 | Med | 0.38 | 5.9 | 0.01 | Mar 9, 2018 | Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds… | ||
| CVE-2017-17200 | Med | 0.38 | 5.9 | 0.01 | Mar 9, 2018 | Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing… | ||
| CVE-2017-17199 | Med | 0.38 | 5.9 | 0.01 | Mar 9, 2018 | Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing… | ||
| CVE-2017-17167 | Med | 0.38 | 5.9 | 0.01 | Mar 9, 2018 | Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could… | ||
| CVE-2017-17160 | Med | 0.38 | 5.9 | 0.01 | Feb 15, 2018 | Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00,… | ||
| CVE-2017-17152 | Med | 0.38 | 5.9 | 0.01 | Feb 15, 2018 | IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078,… | ||
| CVE-2017-17151 | Med | 0.38 | 5.9 | 0.01 | Feb 15, 2018 | Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 8660, and ViewPoint 9030 have an… | ||
| CVE-2014-5394 | Med | 0.38 | 5.9 | 0.02 | Jan 8, 2018 | Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal. | ||
| CVE-2017-8191 | Med | 0.38 | 5.9 | 0.01 | Nov 22, 2017 | FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links. | ||
| CVE-2017-8157 | Med | 0.38 | 5.9 | 0.01 | Nov 22, 2017 | OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive information. | ||
| CVE-2015-2255 | Med | 0.38 | 5.9 | 0.01 | Jun 8, 2017 | Huawei AR1220 routers with software before V200R005SPH006 allow remote attackers to cause a denial of service (board reset) via vectors involving a large amount of traffic from the GE port to the FE port. | ||
| CVE-2016-8795 | Med | 0.38 | 5.9 | 0.01 | Apr 2, 2017 | Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00,… | ||
| CVE-2016-5435 | Med | 0.38 | 5.9 | 0.01 | Jun 24, 2016 | Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause… | ||
| CVE-2026-34855 | Med | 0.37 | 5.7 | 0.00 | Apr 13, 2026 | Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||
| CVE-2026-34854 | Med | 0.37 | 5.7 | 0.00 | Apr 13, 2026 | UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||
| CVE-2019-5211 | Med | 0.37 | 5.7 | 0.00 | Nov 29, 2019 | The Huawei Share function of P20 phones with versions earlier than Emily-L29C 9.1.0.311 has an improper file management vulnerability. The attacker tricks the victim to perform certain operations on the mobile phone during file transfer. Because the file is not properly… | ||
| CVE-2018-7930 | Med | 0.37 | 5.7 | 0.00 | Apr 11, 2018 | The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's… | ||
| CVE-2017-17131 | Med | 0.37 | 5.7 | 0.01 | Mar 5, 2018 | Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded.… | ||
| CVE-2016-8790 | Med | 0.37 | 5.7 | 0.00 | Apr 2, 2017 | Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before… | ||
| CVE-2026-41980 | Med | 0.36 | 5.5 | 0.00 | Jun 9, 2026 | Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||
| CVE-2026-34867 | Med | 0.36 | 5.6 | 0.00 | Apr 13, 2026 | Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability. | ||
| CVE-2023-49248 | Med | 0.36 | 5.5 | 0.00 | Dec 6, 2023 | Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access. | ||
| CVE-2022-48518 | Med | 0.36 | 5.5 | 0.00 | Jul 6, 2023 | Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the… | ||
| CVE-2022-48305 | Med | 0.36 | 5.5 | 0.00 | Feb 27, 2023 | There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail. | ||
| CVE-2022-45874 | Med | 0.36 | 5.5 | 0.00 | Dec 28, 2022 | Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file. | ||
| CVE-2022-41590 | Med | 0.36 | 5.5 | 0.00 | Dec 20, 2022 | Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability. | ||
| CVE-2021-46834 | Med | 0.36 | 5.5 | 0.00 | Sep 20, 2022 | A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions 102.0.0.225(C00E220R3P4). | ||
| CVE-2022-31752 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality. | ||
| CVE-2022-31763 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability. | ||
| CVE-2022-31759 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability. | ||
| CVE-2022-31756 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality. | ||
| CVE-2022-31755 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability. | ||
| CVE-2022-31751 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability. | ||
| CVE-2021-37103 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2022 | There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality. | ||
| CVE-2021-22479 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2022 | The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash. | ||
| CVE-2021-22478 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2022 | The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage. | ||
| CVE-2021-22441 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2022 | Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash. | ||
| CVE-2021-40045 | Med | 0.36 | 5.5 | 0.00 | Feb 9, 2022 | There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality. | ||
| CVE-2021-39991 | Med | 0.36 | 5.5 | 0.00 | Feb 9, 2022 | There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality. | ||
| CVE-2021-39986 | Med | 0.36 | 5.5 | 0.00 | Feb 9, 2022 | There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality. | ||
| CVE-2021-37115 | Med | 0.36 | 5.5 | 0.00 | Feb 9, 2022 | There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality. |
- risk 0.38cvss 5.9epss 0.00
There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash.
- risk 0.38cvss 5.9epss 0.00
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected…
- risk 0.38cvss 5.9epss 0.00
There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart.
- risk 0.38cvss 5.9epss 0.01
E5572-855 with versions earlier than 8.0.1.3(H335SP1C233) has an improper authentication vulnerability. The device does not perform a sufficient authentication when doing certain operations, successful exploit could allow an attacker to cause the device to reboot after launch a…
- risk 0.38cvss 5.9epss 0.01
There is an out-of-bounds write vulnerability on Huawei P20 smartphones with versions before 8.1.0.171(C00). The software does not handle the response message properly when the user doing certain inquiry operation, an attacker could send crafted message to the device, successful…
- risk 0.38cvss 5.9epss 0.01
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information…
- risk 0.38cvss 5.9epss 0.01
Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by…
- risk 0.38cvss 5.9epss 0.01
Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS…
- risk 0.38cvss 5.9epss 0.01
Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds…
- risk 0.38cvss 5.9epss 0.01
Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds…
- risk 0.38cvss 5.9epss 0.01
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing…
- risk 0.38cvss 5.9epss 0.01
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing…
- risk 0.38cvss 5.9epss 0.01
Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could…
- risk 0.38cvss 5.9epss 0.01
Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00,…
- risk 0.38cvss 5.9epss 0.01
IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078,…
- risk 0.38cvss 5.9epss 0.01
Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 8660, and ViewPoint 9030 have an…
- risk 0.38cvss 5.9epss 0.02
Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.
- risk 0.38cvss 5.9epss 0.01
FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links.
- risk 0.38cvss 5.9epss 0.01
OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive information.
- risk 0.38cvss 5.9epss 0.01
Huawei AR1220 routers with software before V200R005SPH006 allow remote attackers to cause a denial of service (board reset) via vectors involving a large amount of traffic from the GE port to the FE port.
- risk 0.38cvss 5.9epss 0.01
Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00,…
- risk 0.38cvss 5.9epss 0.01
Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause…
- risk 0.37cvss 5.7epss 0.00
Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
- risk 0.37cvss 5.7epss 0.00
UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
- risk 0.37cvss 5.7epss 0.00
The Huawei Share function of P20 phones with versions earlier than Emily-L29C 9.1.0.311 has an improper file management vulnerability. The attacker tricks the victim to perform certain operations on the mobile phone during file transfer. Because the file is not properly…
- risk 0.37cvss 5.7epss 0.00
The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's…
- risk 0.37cvss 5.7epss 0.01
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded.…
- risk 0.37cvss 5.7epss 0.00
Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before…
- risk 0.36cvss 5.5epss 0.00
Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- risk 0.36cvss 5.6epss 0.00
Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability.
- risk 0.36cvss 5.5epss 0.00
Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access.
- risk 0.36cvss 5.5epss 0.00
Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the…
- risk 0.36cvss 5.5epss 0.00
There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail.
- risk 0.36cvss 5.5epss 0.00
Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file.
- risk 0.36cvss 5.5epss 0.00
Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.
- risk 0.36cvss 5.5epss 0.00
A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions 102.0.0.225(C00E220R3P4).
- risk 0.36cvss 5.5epss 0.00
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.
- risk 0.36cvss 5.5epss 0.00
The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability.
- risk 0.36cvss 5.5epss 0.00
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
- risk 0.36cvss 5.5epss 0.00
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
- risk 0.36cvss 5.5epss 0.00
The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.
- risk 0.36cvss 5.5epss 0.00
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
- risk 0.36cvss 5.5epss 0.00
There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.
- risk 0.36cvss 5.5epss 0.00
The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.
- risk 0.36cvss 5.5epss 0.00
The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage.
- risk 0.36cvss 5.5epss 0.00
Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.
- risk 0.36cvss 5.5epss 0.00
There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.
- risk 0.36cvss 5.5epss 0.00
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.
- risk 0.36cvss 5.5epss 0.00
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.
- risk 0.36cvss 5.5epss 0.00
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.
Page 25 of 46