VYPR

Vendor CVEs

Huawei

All CVEs

2,254 total · sorted by risk
  • CVE-2017-17137MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00;…

  • CVE-2017-17136MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00;…

  • CVE-2017-17135MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00;…

  • CVE-2017-17134MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has a DoS vulnerability. Due to not check the…

  • CVE-2017-17133MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    Huawei VP9660 V500R002C10 has a null pointer reference vulnerability in license module due to insufficient verification. An authenticated local attacker could place a malicious license file into system which cause memory null pointer accessing and related processing crash. The…

  • CVE-2017-17132MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module output the log information. An authenticated local attacker could exploit this vulnerability to cause a denial of service.

  • CVE-2017-17291MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.00

    Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01,…

  • CVE-2017-17201MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.01

    Some huawei smartphones with software BTV-DL09C233B350, Berlin-L21HNC432B360, Berlin-L22HNC636B360, Berlin-L24HNC567B360, Berlin-L21C10B130, Berlin-L21C185B132, Berlin-L21C464B130, Berlin-L22C346B140, Berlin-L22C636B160, Berlin-L23C605B131, Berlin-L23DOMC109B160,…

  • CVE-2017-17163MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.00

    Huawei Secospace USG6600 V500R001C30SPC100 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by executing some commands. The attacker can exploit this vulnerability to cause a denial of…

  • CVE-2017-17162MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.00

    Huawei Secospace USG6600 V500R001C30SPC100, Secospace USG6600 V500R001C30SPC200, Secospace USG6600 V500R001C30SPC300, USG9500 V500R001C30SPC100, USG9500 V500R001C30SPC200, USG9500 V500R001C30SPC300 have a memory leak vulnerability due to memory don't be released when an local…

  • CVE-2017-15347MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.01

    Huawei Mate 9 Pro mobile phones with software of versions earlier than LON-AL00BC00B235 have a use after free (UAF) vulnerability. An attacker tricks a user into installing a malicious application, and the application can riggers access memory after free it. A local attacker may…

  • CVE-2017-15340MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.01

    Huawei smartphones with software of TAG-AL00C92B168 have an information disclosure vulnerability. An attacker tricks the user to install a crafted application, this application simulate click action to back up data in a non-encrypted way using an Android assist function.…

  • CVE-2017-15330MedFeb 15, 2018
    risk 0.36cvss 5.5epss 0.01

    The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC00B124D, Vicky-AL00AC00B157D, Vicky-AL00AC00B167 has a double free vulnerability. An attacker can trick a user to install a malicious application which has a high privilege to exploit this vulnerability.…

  • CVE-2017-8216MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Due to improper authorization on specific processes, an attacker with the root privilege of a mobile Android…

  • CVE-2017-8202MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than Prague-AL00CC00B205,versions earlier than Prague-TL00AC01B205,versions earlier than Prague-TL10AC01B205 has…

  • CVE-2017-8186MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The APP can modify specific parameter to cause system…

  • CVE-2017-8184MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given…

  • CVE-2017-8183MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given…

  • CVE-2017-8175MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    The Bastet of some Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions, earlier than Victoria-AL00AC00B167 versions, earlier than Warsaw-AL00C00B191 versions has an insufficient input validation vulnerability due to the lack of parameter validation. An…

  • CVE-2017-8172MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    Isub service in P10 Plus and P10 smart phones with earlier than VKY-AL00C00B157 versions and earlier than VTR-AL00C00B157 versions has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the…

  • CVE-2017-8149MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162 have an out-of-bounds memory access vulnerability due to the lack of parameter…

  • CVE-2017-8146MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a DoS vulnerability. An attacker may trick a user into installing a malicious…

  • CVE-2017-8145MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a DoS vulnerability. An attacker may trick a user into installing a malicious…

  • CVE-2017-8144MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions before Prague-L03C605B161,the versions before Prague-L23C605B160,the versions before MHA-AL00C00B225,the versions before…

  • CVE-2017-8143MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a user into installing a malicious application and the application can access…

  • CVE-2017-8136MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak.

  • CVE-2017-2734MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.00

    P9 Plus smartphones with software versions earlier before VIE-AL10BC00B386 have a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the application can send given parameter to specific interface,…

  • CVE-2017-2733MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission configuration. An attacker tricks a user into installing a malicious application on the smart…

  • CVE-2017-2732MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    Huawei Hilink APP Versions earlier before 5.0.25.306 has an information leak vulnerability. An attacker may trick a user into installing a malicious application and application can access Hilink APP data.

  • CVE-2017-2731MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    The vibrator service in P9 Plus smart phones with software versions earlier before VIE-AL10C00B386 has DoS vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone vibrator service interface…

  • CVE-2017-2711MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions have an input validation vulnerability in the touchscreen Driver. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash…

  • CVE-2017-2709MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    HiGame with software earlier than 7.3.0 versions, SkyTone with software earlier than 8.1.1 versions have a DoS Vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, the attacker can send malformed packets to the device. Due to the…

  • CVE-2017-2695MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.01

    TIT-AL00C583B211 has a directory traversal vulnerability which allows an attacker to obtain the files in email application.

  • CVE-2017-2690MedNov 22, 2017
    risk 0.36cvss 5.5epss 0.00

    SoftCo with software V200R003C20,eSpace U1910 with software V200R003C00, V200R003C20 and V200R003C30,eSpace U1911 with software V200R003C20, V200R003C30,eSpace U1930 with software V200R003C20 and V200R003C30,eSpace U1960 with software V200R003C20, V200R003C30,eSpace U1980 with…

  • CVE-2015-8223MedApr 13, 2017
    risk 0.36cvss 5.5epss 0.00

    Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) by leveraging camera permissions and via crafted input to the camera driver.

  • CVE-2015-7740MedApr 13, 2017
    risk 0.36cvss 5.5epss 0.00

    Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B851 and P8 ALE-UL00 before ALE-UL00B211 allows local users to cause a denial of service (OS crash) via vectors involving an application that passes crafted input to the GPU driver.

  • CVE-2016-8758MedApr 2, 2017
    risk 0.36cvss 5.5epss 0.01

    ION memory management module in Huawei Mate8 phones with software NXT-AL10C00B561 and earlier versions, NXT-CL10C00B561 and earlier versions, NXT-DL10C00B561 and earlier versions, NXT-TL10C00B561 and earlier versions allows attackers to cause a denial of service (restart).

  • CVE-2016-8756MedApr 2, 2017
    risk 0.36cvss 5.5epss 0.01

    ION memory management module in Huawei Mate 8 phones with software NXT-AL10C00B197 and earlier versions, NXT-DL10C00B197 and earlier versions, NXT-TL10C00B197 and earlier versions, NXT-CL10C00B197 and earlier versions allows attackers to cause a denial of service (restart).

  • CVE-2015-7847MedApr 2, 2017
    risk 0.36cvss 5.5epss 0.00

    Huawei MBB (Mobile Broadband) product E3272s with software versions earlier than E3272s-153TCPU-V200R002B491D09SP00C00 has a Denial of Service (DoS) vulnerability. An attacker could send a malicious packet to the Common Gateway Interface (CGI) of a target device and make it fail…

  • CVE-2015-8678MedMar 24, 2017
    risk 0.36cvss 5.5epss 0.01

    The ION driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 and Mate S smartphones with software CRR-TL00 before…

  • CVE-2016-8279MedSep 26, 2016
    risk 0.36cvss 5.5epss 0.01

    The video driver in Huawei Mate S smartphones with software CRR-TL00 before CRR-TL00C01B362, CRR-UL20 before CRR-UL20C00B362, CRR-CL00 before CRR-CL00C92B362, and CRR-CL20 before CRR-CL20C92B362; P8 smartphones with software GRA-TL00 before GRA-TL00C01B366, GRA-UL00 before…

  • CVE-2016-6900MedSep 7, 2016
    risk 0.36cvss 5.5epss 0.00

    The Intelligent Baseboard Management Controller (iBMC) in Huawei RH1288 V3 servers with software before V100R003C00SPC613; RH2288 V3 servers with software before V100R003C00SPC617; RH2288H V3 servers with software before V100R003C00SPC515; RH5885 V3 servers with software before…

  • CVE-2016-5232MedJun 30, 2016
    risk 0.36cvss 5.5epss 0.01

    Buffer overflow in Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (system crash) via a crafted app.

  • CVE-2016-4005MedJun 13, 2016
    risk 0.36cvss 5.5epss 0.00

    The Huawei Hilink App application before 3.19.2 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008.

  • CVE-2016-1496MedApr 13, 2016
    risk 0.36cvss 5.5epss 0.01

    The graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 allows attackers to cause a denial of service…

  • CVE-2015-8679MedApr 7, 2016
    risk 0.36cvss 5.5epss 0.01

    The Maxim_smartpa_dev driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 and Mate S smartphones with software…

  • CVE-2015-8305MedApr 7, 2016
    risk 0.36cvss 5.5epss 0.01

    Huawei Sophia-L10 smartphones with software before P7-L10C900B852 allow attackers to cause a denial of service (system panic) via a crafted application with the system or camera privilege.

  • CVE-2015-8337MedJan 12, 2016
    risk 0.36cvss 5.5epss 0.01

    The HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, GRA-UL10 before GRA-UL10C00B220 and Mate7 phones with software MT7-UL00 before…

  • CVE-2015-8226MedJan 8, 2016
    risk 0.36cvss 5.5epss 0.01

    The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a…

  • CVE-2015-8225MedJan 8, 2016
    risk 0.36cvss 5.5epss 0.01

    The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a…

Page 28 of 46