VYPR

Vendor CVEs

Huawei

All CVEs

2,253 total · sorted by risk
  • CVE-2021-37082MedDec 7, 2021
    risk 0.38cvss 5.9epss 0.00

    There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash.

  • CVE-2021-22356MedNov 23, 2021
    risk 0.38cvss 5.9epss 0.00

    There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected…

  • CVE-2021-36987MedOct 28, 2021
    risk 0.38cvss 5.9epss 0.00

    There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart.

  • CVE-2019-5253MedDec 13, 2019
    risk 0.38cvss 5.9epss 0.01

    E5572-855 with versions earlier than 8.0.1.3(H335SP1C233) has an improper authentication vulnerability. The device does not perform a sufficient authentication when doing certain operations, successful exploit could allow an attacker to cause the device to reboot after launch a…

  • CVE-2018-7987MedDec 4, 2018
    risk 0.38cvss 5.9epss 0.01

    There is an out-of-bounds write vulnerability on Huawei P20 smartphones with versions before 8.1.0.171(C00). The software does not handle the response message properly when the user doing certain inquiry operation, an attacker could send crafted message to the device, successful…

  • CVE-2018-7959MedNov 27, 2018
    risk 0.38cvss 5.9epss 0.01

    There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may cause sensitive information…

  • CVE-2017-17305MedAug 21, 2018
    risk 0.38cvss 5.9epss 0.01

    Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by…

  • CVE-2017-17174MedJul 31, 2018
    risk 0.38cvss 5.9epss 0.01

    Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS…

  • CVE-2017-17217MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds…

  • CVE-2017-17216MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds…

  • CVE-2017-17200MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing…

  • CVE-2017-17199MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing…

  • CVE-2017-17167MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could…

  • CVE-2017-17160MedFeb 15, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00,…

  • CVE-2017-17152MedFeb 15, 2018
    risk 0.38cvss 5.9epss 0.01

    IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078,…

  • CVE-2017-17151MedFeb 15, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 8660, and ViewPoint 9030 have an…

  • CVE-2014-5394MedJan 8, 2018
    risk 0.38cvss 5.9epss 0.02

    Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.

  • CVE-2017-8191MedNov 22, 2017
    risk 0.38cvss 5.9epss 0.01

    FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links.

  • CVE-2017-8157MedNov 22, 2017
    risk 0.38cvss 5.9epss 0.01

    OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive information.

  • CVE-2015-2255MedJun 8, 2017
    risk 0.38cvss 5.9epss 0.01

    Huawei AR1220 routers with software before V200R005SPH006 allow remote attackers to cause a denial of service (board reset) via vectors involving a large amount of traffic from the GE port to the FE port.

  • CVE-2016-8795MedApr 2, 2017
    risk 0.38cvss 5.9epss 0.01

    Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00,…

  • CVE-2016-5435MedJun 24, 2016
    risk 0.38cvss 5.9epss 0.01

    Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause…

  • CVE-2026-34855MedApr 13, 2026
    risk 0.37cvss 5.7epss 0.00

    Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

  • CVE-2026-34854MedApr 13, 2026
    risk 0.37cvss 5.7epss 0.00

    UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

  • CVE-2019-5211MedNov 29, 2019
    risk 0.37cvss 5.7epss 0.00

    The Huawei Share function of P20 phones with versions earlier than Emily-L29C 9.1.0.311 has an improper file management vulnerability. The attacker tricks the victim to perform certain operations on the mobile phone during file transfer. Because the file is not properly…

  • CVE-2018-7930MedApr 11, 2018
    risk 0.37cvss 5.7epss 0.00

    The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's…

  • CVE-2017-17131MedMar 5, 2018
    risk 0.37cvss 5.7epss 0.01

    Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded.…

  • CVE-2016-8790MedApr 2, 2017
    risk 0.37cvss 5.7epss 0.00

    Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before…

  • CVE-2026-41980MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2026-34867MedApr 13, 2026
    risk 0.36cvss 5.6epss 0.00

    Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2023-49248MedDec 6, 2023
    risk 0.36cvss 5.5epss 0.00

    Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access.

  • CVE-2022-48518MedJul 6, 2023
    risk 0.36cvss 5.5epss 0.00

    Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the…

  • CVE-2022-48305MedFeb 27, 2023
    risk 0.36cvss 5.5epss 0.00

    There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail.

  • CVE-2022-45874MedDec 28, 2022
    risk 0.36cvss 5.5epss 0.00

    Huawei Aslan Children's Watch has an improper authorization vulnerability. Successful exploit could allow the attacker to access certain file.

  • CVE-2022-41590MedDec 20, 2022
    risk 0.36cvss 5.5epss 0.00

    Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.

  • CVE-2021-46834MedSep 20, 2022
    risk 0.36cvss 5.5epss 0.00

    A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Affected product versions include:JAD-AL50 versions 102.0.0.225(C00E220R3P4).

  • CVE-2022-31752MedJun 13, 2022
    risk 0.36cvss 5.5epss 0.00

    Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.

  • CVE-2022-31763MedJun 13, 2022
    risk 0.36cvss 5.5epss 0.00

    The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability.

  • CVE-2022-31759MedJun 13, 2022
    risk 0.36cvss 5.5epss 0.00

    AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.

  • CVE-2022-31756MedJun 13, 2022
    risk 0.36cvss 5.5epss 0.00

    The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.

  • CVE-2022-31755MedJun 13, 2022
    risk 0.36cvss 5.5epss 0.00

    The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.

  • CVE-2022-31751MedJun 13, 2022
    risk 0.36cvss 5.5epss 0.00

    The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.

  • CVE-2021-37103MedFeb 25, 2022
    risk 0.36cvss 5.5epss 0.00

    There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2021-22479MedFeb 25, 2022
    risk 0.36cvss 5.5epss 0.00

    The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.

  • CVE-2021-22478MedFeb 25, 2022
    risk 0.36cvss 5.5epss 0.00

    The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage.

  • CVE-2021-22441MedFeb 25, 2022
    risk 0.36cvss 5.5epss 0.00

    Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.

  • CVE-2021-40045MedFeb 9, 2022
    risk 0.36cvss 5.5epss 0.00

    There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2021-39991MedFeb 9, 2022
    risk 0.36cvss 5.5epss 0.00

    There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2021-39986MedFeb 9, 2022
    risk 0.36cvss 5.5epss 0.00

    There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2021-37115MedFeb 9, 2022
    risk 0.36cvss 5.5epss 0.00

    There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.

Page 25 of 46