Vendor CVEs
Huawei
All CVEs
2,254 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-22488 | 0.00 | — | 0.01 | Oct 28, 2021 | There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups. | |||
| CVE-2021-22487 | 0.00 | — | 0.01 | Oct 28, 2021 | There is an Out-of-bounds read vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service availability. | |||
| CVE-2021-22486 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a issue of Unstandardized field names in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-22485 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a SSID vulnerability with Wi-Fi network connections in Huawei devices.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-22483 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a issue of IP address spoofing in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS. | |||
| CVE-2021-22475 | 0.00 | — | 0.01 | Oct 28, 2021 | There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-22474 | 0.00 | — | 0.01 | Oct 28, 2021 | There is an Out-of-bounds memory access in Huawei Smartphone.Successful exploitation of this vulnerability may cause process exceptions. | |||
| CVE-2021-22473 | 0.00 | — | 0.01 | Oct 28, 2021 | There is an Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-22472 | 0.00 | — | 0.01 | Oct 28, 2021 | There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-22407 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-22406 | 0.00 | — | 0.01 | Oct 28, 2021 | There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly. | |||
| CVE-2021-22405 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. | |||
| CVE-2021-22404 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-22403 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands. | |||
| CVE-2021-22402 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks. | |||
| CVE-2021-22401 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity. | |||
| CVE-2021-22482 | 0.00 | — | 0.00 | Oct 28, 2021 | There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data. | |||
| CVE-2021-22481 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2021-22436 | 0.00 | — | 0.01 | Oct 28, 2021 | There is a Logic Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability. | |||
| CVE-2021-37129 | 0.00 | — | 0.01 | Oct 27, 2021 | There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected… | |||
| CVE-2021-37122 | 0.00 | — | 0.00 | Oct 27, 2021 | There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800… | |||
| CVE-2021-37130 | 0.00 | — | 0.01 | Oct 27, 2021 | There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does… | |||
| CVE-2021-37127 | 0.00 | — | 0.01 | Oct 27, 2021 | There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file.… | |||
| CVE-2021-37124 | 0.00 | — | 0.00 | Oct 27, 2021 | There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport… | |||
| CVE-2021-37105 | 0.00 | — | 0.01 | Sep 28, 2021 | There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the… | |||
| CVE-2021-37106 | 0.00 | — | 0.01 | Sep 28, 2021 | There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently… | |||
| CVE-2021-37104 | 0.00 | — | 0.01 | Sep 28, 2021 | There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain… | |||
| CVE-2021-37101 | 0.00 | — | 0.00 | Sep 9, 2021 | There is an improper authorization vulnerability in AIS-BW50-00 9.0.6.2(H100SP10C00) and 9.0.6.2(H100SP15C00). Due to improper authorization mangement, an attakcer can exploit this vulnerability by physical accessing the device and implant malicious code. Successfully exploit… | |||
| CVE-2021-22449 | 0.00 | — | 0.01 | Aug 23, 2021 | There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the… | |||
| CVE-2021-22357 | 0.00 | — | 0.01 | Aug 23, 2021 | There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service.… | |||
| CVE-2021-22328 | 0.00 | — | 0.01 | Aug 23, 2021 | There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine… | |||
| CVE-2021-37028 | 0.00 | — | 0.00 | Aug 13, 2021 | There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands. | |||
| CVE-2021-22295 | 0.00 | — | 0.00 | Aug 6, 2021 | A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler. | |||
| CVE-2021-22423 | 0.00 | — | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Out-of-bounds Write Vulnerability. Local attackers may exploit this vulnerability to cause integer overflow. | |||
| CVE-2021-22420 | 0.00 | — | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause the underlying trust of the application trustlist mechanism is missing.. | |||
| CVE-2021-22418 | 0.00 | — | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting. | |||
| CVE-2021-22419 | 0.00 | — | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos. | |||
| CVE-2021-22425 | 0.00 | — | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges. | |||
| CVE-2021-22416 | 0.00 | — | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution. | |||
| CVE-2021-22421 | 0.00 | — | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to cause further Elevation of Privileges. | |||
| CVE-2021-22424 | 0.00 | — | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service. | |||
| CVE-2021-22417 | 0.00 | — | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage. | |||
| CVE-2021-22422 | 0.00 | — | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting. | |||
| CVE-2021-22400 | 0.00 | — | 0.00 | Aug 3, 2021 | Some Huawei Smartphones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected product… | |||
| CVE-2021-22447 | 0.00 | — | 0.01 | Aug 2, 2021 | There is an Improper Check for Unusual or Exceptional Conditions Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset. | |||
| CVE-2021-22446 | 0.00 | — | 0.01 | Aug 2, 2021 | There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset. | |||
| CVE-2021-22445 | 0.00 | — | 0.01 | Aug 2, 2021 | There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset. | |||
| CVE-2021-22444 | 0.00 | — | 0.01 | Aug 2, 2021 | There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause code injection. | |||
| CVE-2021-22443 | 0.00 | — | 0.01 | Aug 2, 2021 | There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random address access. | |||
| CVE-2021-22442 | 0.00 | — | 0.00 | Aug 2, 2021 | There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset. |
- CVE-2021-22488Oct 28, 2021risk 0.00cvss —epss 0.01
There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.
- CVE-2021-22487Oct 28, 2021risk 0.00cvss —epss 0.01
There is an Out-of-bounds read vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service availability.
- CVE-2021-22486Oct 28, 2021risk 0.00cvss —epss 0.01
There is a issue of Unstandardized field names in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-22485Oct 28, 2021risk 0.00cvss —epss 0.01
There is a SSID vulnerability with Wi-Fi network connections in Huawei devices.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-22483Oct 28, 2021risk 0.00cvss —epss 0.01
There is a issue of IP address spoofing in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS.
- CVE-2021-22475Oct 28, 2021risk 0.00cvss —epss 0.01
There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-22474Oct 28, 2021risk 0.00cvss —epss 0.01
There is an Out-of-bounds memory access in Huawei Smartphone.Successful exploitation of this vulnerability may cause process exceptions.
- CVE-2021-22473Oct 28, 2021risk 0.00cvss —epss 0.01
There is an Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-22472Oct 28, 2021risk 0.00cvss —epss 0.01
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-22407Oct 28, 2021risk 0.00cvss —epss 0.01
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-22406Oct 28, 2021risk 0.00cvss —epss 0.01
There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly.
- CVE-2021-22405Oct 28, 2021risk 0.00cvss —epss 0.01
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
- CVE-2021-22404Oct 28, 2021risk 0.00cvss —epss 0.01
There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-22403Oct 28, 2021risk 0.00cvss —epss 0.01
There is a vulnerability of hijacking unverified providers in Huawei Smartphone.Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.
- CVE-2021-22402Oct 28, 2021risk 0.00cvss —epss 0.01
There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks.
- CVE-2021-22401Oct 28, 2021risk 0.00cvss —epss 0.01
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity.
- CVE-2021-22482Oct 28, 2021risk 0.00cvss —epss 0.00
There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data.
- CVE-2021-22481Oct 28, 2021risk 0.00cvss —epss 0.01
There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2021-22436Oct 28, 2021risk 0.00cvss —epss 0.01
There is a Logic Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability.
- CVE-2021-37129Oct 27, 2021risk 0.00cvss —epss 0.01
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected…
- CVE-2021-37122Oct 27, 2021risk 0.00cvss —epss 0.00
There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800…
- CVE-2021-37130Oct 27, 2021risk 0.00cvss —epss 0.01
There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does…
- CVE-2021-37127Oct 27, 2021risk 0.00cvss —epss 0.01
There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file.…
- CVE-2021-37124Oct 27, 2021risk 0.00cvss —epss 0.00
There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport…
- CVE-2021-37105Sep 28, 2021risk 0.00cvss —epss 0.01
There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the…
- CVE-2021-37106Sep 28, 2021risk 0.00cvss —epss 0.01
There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently…
- CVE-2021-37104Sep 28, 2021risk 0.00cvss —epss 0.01
There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain…
- CVE-2021-37101Sep 9, 2021risk 0.00cvss —epss 0.00
There is an improper authorization vulnerability in AIS-BW50-00 9.0.6.2(H100SP10C00) and 9.0.6.2(H100SP15C00). Due to improper authorization mangement, an attakcer can exploit this vulnerability by physical accessing the device and implant malicious code. Successfully exploit…
- CVE-2021-22449Aug 23, 2021risk 0.00cvss —epss 0.01
There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the…
- CVE-2021-22357Aug 23, 2021risk 0.00cvss —epss 0.01
There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service.…
- CVE-2021-22328Aug 23, 2021risk 0.00cvss —epss 0.01
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine…
- CVE-2021-37028Aug 13, 2021risk 0.00cvss —epss 0.00
There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands.
- CVE-2021-22295Aug 6, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler.
- CVE-2021-22423Aug 3, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a Out-of-bounds Write Vulnerability. Local attackers may exploit this vulnerability to cause integer overflow.
- CVE-2021-22420Aug 3, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause the underlying trust of the application trustlist mechanism is missing..
- CVE-2021-22418Aug 3, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.
- CVE-2021-22419Aug 3, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos.
- CVE-2021-22425Aug 3, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges.
- CVE-2021-22416Aug 3, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution.
- CVE-2021-22421Aug 3, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to cause further Elevation of Privileges.
- CVE-2021-22424Aug 3, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service.
- CVE-2021-22417Aug 3, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage.
- CVE-2021-22422Aug 3, 2021risk 0.00cvss —epss 0.00
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.
- CVE-2021-22400Aug 3, 2021risk 0.00cvss —epss 0.00
Some Huawei Smartphones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected product…
- CVE-2021-22447Aug 2, 2021risk 0.00cvss —epss 0.01
There is an Improper Check for Unusual or Exceptional Conditions Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
- CVE-2021-22446Aug 2, 2021risk 0.00cvss —epss 0.01
There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
- CVE-2021-22445Aug 2, 2021risk 0.00cvss —epss 0.01
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
- CVE-2021-22444Aug 2, 2021risk 0.00cvss —epss 0.01
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause code injection.
- CVE-2021-22443Aug 2, 2021risk 0.00cvss —epss 0.01
There is an Input Verification Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause random address access.
- CVE-2021-22442Aug 2, 2021risk 0.00cvss —epss 0.00
There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.
Page 37 of 46