Vendor CVEs
Huawei
All CVEs
2,254 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8153 | Hig | 0.46 | 7.1 | 0.01 | Nov 22, 2017 | Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. An attacker can trick users into installing a malicious app which can send out HTTP requests and execute JavaScript code in web pages without obtaining… | ||
| CVE-2017-2735 | Hig | 0.46 | 7.1 | 0.01 | Nov 22, 2017 | TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system interface vulnerability. The software provides a system interface for interaction with external applications, but calling the interface is not properly restricted. An attacker could… | ||
| CVE-2017-2707 | Hig | 0.46 | 7.1 | 0.00 | Nov 22, 2017 | Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send… | ||
| CVE-2017-2706 | Hig | 0.46 | 7.1 | 0.01 | Nov 22, 2017 | Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and… | ||
| CVE-2015-4422 | Hig | 0.46 | 7.0 | 0.01 | Oct 19, 2017 | The TEEOS module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users with root permissions to gain privileges or cause a denial of service (memory corruption) via a crafted application. | ||
| CVE-2015-7842 | Hig | 0.46 | 7.1 | 0.01 | Oct 10, 2017 | Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before… | ||
| CVE-2016-8794 | Hig | 0.46 | 7.1 | 0.01 | Apr 2, 2017 | Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before… | ||
| CVE-2016-8792 | Hig | 0.46 | 7.1 | 0.01 | Apr 2, 2017 | Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before… | ||
| CVE-2016-8791 | Hig | 0.46 | 7.1 | 0.01 | Apr 2, 2017 | Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before… | ||
| CVE-2016-6179 | Hig | 0.46 | 7.0 | 0.00 | Sep 7, 2016 | The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before H60-L12C00B850, and H60-L03 before H60-L03C01B850 allows attackers to cause a… | ||
| CVE-2016-6184 | Hig | 0.46 | 7.0 | 0.00 | Sep 7, 2016 | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted… | ||
| CVE-2016-6183 | Hig | 0.46 | 7.0 | 0.00 | Sep 7, 2016 | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted… | ||
| CVE-2016-6182 | Hig | 0.46 | 7.0 | 0.01 | Sep 7, 2016 | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted… | ||
| CVE-2016-6181 | Hig | 0.46 | 7.0 | 0.00 | Sep 7, 2016 | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted… | ||
| CVE-2016-6180 | Hig | 0.46 | 7.0 | 0.00 | Sep 7, 2016 | The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted… | ||
| CVE-2015-8333 | Hig | 0.46 | 7.1 | 0.01 | Jan 11, 2016 | The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 allows remote authenticated users to change the IP address of the media server via crafted packets. | ||
| CVE-2026-28553 | Med | 0.45 | 6.9 | 0.00 | Apr 13, 2026 | Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||
| CVE-2026-34864 | Med | 0.44 | 6.8 | 0.00 | Apr 13, 2026 | Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availability. | ||
| CVE-2026-34863 | Med | 0.44 | 6.7 | 0.00 | Apr 13, 2026 | Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability. | ||
| CVE-2018-7929 | Med | 0.44 | 6.8 | 0.00 | Sep 18, 2018 | Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain operations. | ||
| CVE-2018-7944 | Med | 0.44 | 6.8 | 0.00 | Jul 5, 2018 | Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the… | ||
| CVE-2017-17161 | Med | 0.44 | 6.8 | 0.00 | Feb 15, 2018 | The 'Find Phone' function in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions has an authentication bypass vulnerability. Due to improper authentication realization in the… | ||
| CVE-2017-15351 | Med | 0.44 | 6.8 | 0.00 | Feb 15, 2018 | The 'Find Phone' function in Huawei Honor V9 play smart phones with versions earlier than Jimmy-AL00AC00B135 has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass… | ||
| CVE-2017-8206 | Med | 0.44 | 6.8 | 0.00 | Nov 22, 2017 | HONOR 7 Lite mobile phones with software of versions earlier than NEM-L21C432B352 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone temporarily. | ||
| CVE-2017-8190 | Med | 0.44 | 6.7 | 0.00 | Nov 22, 2017 | FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software. | ||
| CVE-2017-8166 | Med | 0.44 | 6.8 | 0.00 | Nov 22, 2017 | Huawei mobile phones Honor V9 with the software versions before Duke-AL20C00B195 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone. | ||
| CVE-2017-8156 | Med | 0.44 | 6.8 | 0.00 | Nov 22, 2017 | The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. An attacker can access the serial port on the circuit board of the outdoor unit and log in to the CPE without authentication. Successful… | ||
| CVE-2017-8151 | Med | 0.44 | 6.8 | 0.00 | Nov 22, 2017 | Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user's smart phone and install malicious apps in the mobile phone, allowing the… | ||
| CVE-2017-2723 | Med | 0.44 | 6.7 | 0.00 | Nov 22, 2017 | The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to… | ||
| CVE-2017-2703 | Med | 0.44 | 6.8 | 0.00 | Nov 22, 2017 | Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier… | ||
| CVE-2017-2702 | Med | 0.44 | 6.8 | 0.00 | Nov 22, 2017 | Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner of the phone. | ||
| CVE-2017-2691 | Med | 0.44 | 6.8 | 0.00 | Nov 22, 2017 | Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot… | ||
| CVE-2015-6592 | Med | 0.44 | 6.8 | 0.00 | Sep 25, 2017 | Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require authentication to the serial port or the VxWorks shell. | ||
| CVE-2016-8793 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2017 | Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before… | ||
| CVE-2016-8775 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2017 | Touch Panel (TP) driver in Huawei NEM phones with software Versions before NEM-AL10C00B130, Versions before NEM-UL10C17B160, Versions before NEM-UL10C00B160, Versions before NEM-TL00C01B160 allows attackers to get root privilege or crash the system or execute arbitrary code,… | ||
| CVE-2016-8774 | Med | 0.44 | 6.7 | 0.00 | Apr 2, 2017 | The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368,… | ||
| CVE-2015-8673 | Med | 0.44 | 6.8 | 0.00 | Jan 12, 2016 | Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 do not require entry of the old password when changing the password for the Debug account, which allows physically proximate attackers to change the password by… | ||
| CVE-2026-41976 | Med | 0.43 | 6.6 | 0.00 | Jun 9, 2026 | Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||
| CVE-2016-6898 | Med | 0.43 | 6.6 | 0.01 | Sep 7, 2016 | XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service (web service outage) via a crafted XML document. | ||
| CVE-2026-41982 | Med | 0.42 | 6.4 | 0.00 | Jun 9, 2026 | Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability. | ||
| CVE-2017-17175 | Med | 0.42 | 6.5 | 0.00 | Jul 2, 2018 | Short Message Service (SMS) module of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.354(C00) has a Denial of Service (DoS) vulnerability. An unauthenticated attacker may set up a pseudo base station, and send special malware text message to the phone,… | ||
| CVE-2017-17318 | Med | 0.42 | 6.5 | 0.00 | Apr 30, 2018 | Huawei MBB (Mobile Broadband) products E5771h-937 with the versions before E5771h-937TCPU-V200R001B328D62SP00C1133 and the versions before E5771h-937TCPU-V200R001B329D05SP00C1308 have a Denial of Service (DoS) vulnerability. When an attacker accessing device sends special http… | ||
| CVE-2017-15315 | Med | 0.42 | 6.5 | 0.01 | Mar 9, 2018 | Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated… | ||
| CVE-2017-17304 | Med | 0.42 | 6.5 | 0.01 | Mar 9, 2018 | The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit… | ||
| CVE-2017-17250 | Med | 0.42 | 6.5 | 0.01 | Mar 9, 2018 | Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300… | ||
| CVE-2017-17170 | Med | 0.42 | 6.5 | 0.01 | Mar 9, 2018 | The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit… | ||
| CVE-2017-17169 | Med | 0.42 | 6.5 | 0.01 | Mar 9, 2018 | The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit… | ||
| CVE-2017-17168 | Med | 0.42 | 6.5 | 0.01 | Mar 9, 2018 | The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit… | ||
| CVE-2017-17159 | Med | 0.42 | 6.5 | 0.00 | Feb 15, 2018 | Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92B386, NXT-DL00C17B386, NXT-TL00C01B386SP01, NTS-AL00C00B535 have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to… | ||
| CVE-2017-15322 | Med | 0.42 | 6.5 | 0.00 | Dec 22, 2017 | Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 and BGO-L03C331B009CUSTC331D001 have a DoS vulnerability due to insufficient input validation. An attacker could exploit this vulnerability by sending specially crafted NFC messages to the target device.… |
- risk 0.46cvss 7.1epss 0.01
Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. An attacker can trick users into installing a malicious app which can send out HTTP requests and execute JavaScript code in web pages without obtaining…
- risk 0.46cvss 7.1epss 0.01
TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system interface vulnerability. The software provides a system interface for interaction with external applications, but calling the interface is not properly restricted. An attacker could…
- risk 0.46cvss 7.1epss 0.00
Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send…
- risk 0.46cvss 7.1epss 0.01
Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and…
- risk 0.46cvss 7.0epss 0.01
The TEEOS module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users with root permissions to gain privileges or cause a denial of service (memory corruption) via a crafted application.
- risk 0.46cvss 7.1epss 0.01
Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before…
- risk 0.46cvss 7.1epss 0.01
Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before…
- risk 0.46cvss 7.1epss 0.01
Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before…
- risk 0.46cvss 7.1epss 0.01
Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before…
- risk 0.46cvss 7.0epss 0.00
The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60-L11 before H60-L11C00B850, H60-L21 before H60-L21C00B850, H60-L02 before H60-L02C00B850, H60-L12 before H60-L12C00B850, and H60-L03 before H60-L03C01B850 allows attackers to cause a…
- risk 0.46cvss 7.0epss 0.00
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted…
- risk 0.46cvss 7.0epss 0.00
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted…
- risk 0.46cvss 7.0epss 0.01
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted…
- risk 0.46cvss 7.0epss 0.00
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted…
- risk 0.46cvss 7.0epss 0.00
The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted…
- risk 0.46cvss 7.1epss 0.01
The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 allows remote authenticated users to change the IP address of the media server via crafted packets.
- risk 0.45cvss 6.9epss 0.00
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- risk 0.44cvss 6.8epss 0.00
Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availability.
- risk 0.44cvss 6.7epss 0.00
Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.
- risk 0.44cvss 6.8epss 0.00
Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain operations.
- risk 0.44cvss 6.8epss 0.00
Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the…
- risk 0.44cvss 6.8epss 0.00
The 'Find Phone' function in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions has an authentication bypass vulnerability. Due to improper authentication realization in the…
- risk 0.44cvss 6.8epss 0.00
The 'Find Phone' function in Huawei Honor V9 play smart phones with versions earlier than Jimmy-AL00AC00B135 has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass…
- risk 0.44cvss 6.8epss 0.00
HONOR 7 Lite mobile phones with software of versions earlier than NEM-L21C432B352 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone temporarily.
- risk 0.44cvss 6.7epss 0.00
FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software.
- risk 0.44cvss 6.8epss 0.00
Huawei mobile phones Honor V9 with the software versions before Duke-AL20C00B195 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone.
- risk 0.44cvss 6.8epss 0.00
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. An attacker can access the serial port on the circuit board of the outdoor unit and log in to the CPE without authentication. Successful…
- risk 0.44cvss 6.8epss 0.00
Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. An attacker can get a user's smart phone and install malicious apps in the mobile phone, allowing the…
- risk 0.44cvss 6.7epss 0.00
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to…
- risk 0.44cvss 6.8epss 0.00
Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier before EVA-AL10C00B373,Versions earlier before EVA-CL10C00B373,Versions earlier…
- risk 0.44cvss 6.8epss 0.00
Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner of the phone.
- risk 0.44cvss 6.8epss 0.00
Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass vulnerability. An unauthenticated attacker could force the phone to the fastboot…
- risk 0.44cvss 6.8epss 0.00
Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require authentication to the serial port or the VxWorks shell.
- risk 0.44cvss 6.7epss 0.00
Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before…
- risk 0.44cvss 6.7epss 0.00
Touch Panel (TP) driver in Huawei NEM phones with software Versions before NEM-AL10C00B130, Versions before NEM-UL10C17B160, Versions before NEM-UL10C00B160, Versions before NEM-TL00C01B160 allows attackers to get root privilege or crash the system or execute arbitrary code,…
- risk 0.44cvss 6.7epss 0.00
The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368,…
- risk 0.44cvss 6.8epss 0.00
Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 do not require entry of the old password when changing the password for the Debug account, which allows physically proximate attackers to change the password by…
- risk 0.43cvss 6.6epss 0.00
Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- risk 0.43cvss 6.6epss 0.01
XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service (web service outage) via a crafted XML document.
- risk 0.42cvss 6.4epss 0.00
Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability.
- risk 0.42cvss 6.5epss 0.00
Short Message Service (SMS) module of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.354(C00) has a Denial of Service (DoS) vulnerability. An unauthenticated attacker may set up a pseudo base station, and send special malware text message to the phone,…
- risk 0.42cvss 6.5epss 0.00
Huawei MBB (Mobile Broadband) products E5771h-937 with the versions before E5771h-937TCPU-V200R001B328D62SP00C1133 and the versions before E5771h-937TCPU-V200R001B329D05SP00C1308 have a Denial of Service (DoS) vulnerability. When an attacker accessing device sends special http…
- risk 0.42cvss 6.5epss 0.01
Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated…
- risk 0.42cvss 6.5epss 0.01
The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit…
- risk 0.42cvss 6.5epss 0.01
Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300…
- risk 0.42cvss 6.5epss 0.01
The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit…
- risk 0.42cvss 6.5epss 0.01
The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit…
- risk 0.42cvss 6.5epss 0.01
The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit…
- risk 0.42cvss 6.5epss 0.00
Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92B386, NXT-DL00C17B386, NXT-TL00C01B386SP01, NTS-AL00C00B535 have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to…
- risk 0.42cvss 6.5epss 0.00
Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 and BGO-L03C331B009CUSTC331D001 have a DoS vulnerability due to insufficient input validation. An attacker could exploit this vulnerability by sending specially crafted NFC messages to the target device.…
Page 6 of 46