VYPR

Vendor CVEs

Huawei

All CVEs

2,254 total · sorted by risk
  • CVE-2015-8675MedJan 15, 2016
    risk 0.40cvss 6.2epss 0.00

    Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display.

  • CVE-2017-8189MedNov 22, 2017
    risk 0.39cvss 6.0epss 0.00

    FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal vulnerability. Due to insufficient path validation, an attacker with high privilege may exploit this vulnerability to cover some files, causing services abnormal.

  • CVE-2026-34859MedApr 13, 2026
    risk 0.38cvss 5.9epss 0.00

    UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

  • CVE-2017-17305MedAug 21, 2018
    risk 0.38cvss 5.9epss 0.01

    Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by…

  • CVE-2017-17174MedJul 31, 2018
    risk 0.38cvss 5.9epss 0.01

    Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS…

  • CVE-2017-17217MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds…

  • CVE-2017-17216MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds…

  • CVE-2017-17200MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing…

  • CVE-2017-17199MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing…

  • CVE-2017-17167MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could…

  • CVE-2017-17160MedFeb 15, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00,…

  • CVE-2017-17152MedFeb 15, 2018
    risk 0.38cvss 5.9epss 0.01

    IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078,…

  • CVE-2017-17151MedFeb 15, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 8660, and ViewPoint 9030 have an…

  • CVE-2014-5394MedJan 8, 2018
    risk 0.38cvss 5.9epss 0.02

    Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.

  • CVE-2017-8191MedNov 22, 2017
    risk 0.38cvss 5.9epss 0.01

    FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the cipher text and cause information leak on the transmission links.

  • CVE-2017-8157MedNov 22, 2017
    risk 0.38cvss 5.9epss 0.01

    OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Products use TLS1.0 to encrypt. Attackers can exploit TLS1.0's vulnerabilities to decrypt data to obtain sensitive information.

  • CVE-2015-2255MedJun 8, 2017
    risk 0.38cvss 5.9epss 0.01

    Huawei AR1220 routers with software before V200R005SPH006 allow remote attackers to cause a denial of service (board reset) via vectors involving a large amount of traffic from the GE port to the FE port.

  • CVE-2016-8795MedApr 2, 2017
    risk 0.38cvss 5.9epss 0.01

    Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00,…

  • CVE-2016-5435MedJun 24, 2016
    risk 0.38cvss 5.9epss 0.01

    Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause…

  • CVE-2026-34855MedApr 13, 2026
    risk 0.37cvss 5.7epss 0.00

    Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

  • CVE-2026-34854MedApr 13, 2026
    risk 0.37cvss 5.7epss 0.00

    UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

  • CVE-2018-7930MedApr 11, 2018
    risk 0.37cvss 5.7epss 0.00

    The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests. When an affected mobile phone sends files to an attacker's…

  • CVE-2017-17131MedMar 5, 2018
    risk 0.37cvss 5.7epss 0.01

    Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded.…

  • CVE-2016-8790MedApr 2, 2017
    risk 0.37cvss 5.7epss 0.00

    Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before…

  • CVE-2026-41980MedJun 9, 2026
    risk 0.36cvss 5.5epss 0.00

    Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

  • CVE-2026-34867MedApr 13, 2026
    risk 0.36cvss 5.6epss 0.00

    Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability.

  • CVE-2018-7907MedSep 26, 2018
    risk 0.36cvss 5.5epss 0.01

    Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001,…

  • CVE-2018-7906MedSep 12, 2018
    risk 0.36cvss 5.5epss 0.01

    Some Huawei smart phones with software of Leland-AL00 8.0.0.114(C636), Leland-AL00A 8.0.0.171(C00) have a denial of service (DoS) vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the…

  • CVE-2018-7992MedJul 31, 2018
    risk 0.36cvss 5.5epss 0.01

    Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 Pro versions earlier than 8.0.0.356(C00); P10 Plus versions earlier than 8.0.0.357(C00) has a buffer overflow vulnerability. The driver does not sufficiently validate the input, an attacker could trick the…

  • CVE-2018-7934MedJul 31, 2018
    risk 0.36cvss 5.5epss 0.01

    Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C432) have a denial of service (DoS) vulnerability because they do not adapt to specific screen gestures. An attacker may trick users into installing a malicious app. As a result, apps running on the frontend…

  • CVE-2018-7899MedApr 19, 2018
    risk 0.36cvss 5.5epss 0.01

    The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00),…

  • CVE-2017-17313MedApr 19, 2018
    risk 0.36cvss 5.5epss 0.01

    The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow…

  • CVE-2017-17319MedMar 20, 2018
    risk 0.36cvss 5.5epss 0.01

    Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 have an information disclosure vulnerability. The software does not properly protect certain resource which can be accessed by multithreading. An attacker tricks the user who has root privilege to install a…

  • CVE-2017-17307MedMar 20, 2018
    risk 0.36cvss 5.5epss 0.01

    Some Huawei Smartphones with software of VNS-L21AUTC555B141 have an out-of-bounds read vulnerability. Due to the lack string terminator of string, an attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability and make…

  • CVE-2017-17306MedMar 20, 2018
    risk 0.36cvss 5.5epss 0.01

    Some Huawei Smartphones with software of VNS-L21AUTC555B141, VNS-L21C10B160, VNS-L21C66B160, VNS-L21C703B140 have an array out-of-bounds read vulnerability. Due to the lack verification of array, an attacker tricks a user into installing a malicious application, and the…

  • CVE-2017-15323MedMar 9, 2018
    risk 0.36cvss 5.5epss 0.00

    Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00,…

  • CVE-2017-15314MedMar 9, 2018
    risk 0.36cvss 5.5epss 0.00

    Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40…

  • CVE-2017-17328MedMar 9, 2018
    risk 0.36cvss 5.5epss 0.01

    Huawei smartphones with software of MHA-AL00AC00B125 have an integer overflow vulnerability. The software does not process certain variable properly when handle certain process. An attacker tricks the user who has root privilege to install a crafted application, successful…

  • CVE-2017-17327MedMar 9, 2018
    risk 0.36cvss 5.5epss 0.01

    Huawei smartphones with software of MHA-AL00AC00B125 have an improper resource management vulnerability. The software does not properly manage the resource when do device register operation. An attacker tricks the user who has root privilege to install a crafted application,…

  • CVE-2017-17279MedMar 9, 2018
    risk 0.36cvss 5.5epss 0.01

    The soundtrigger module in Huawei Mate 9 Pro smart phones with software of the versions before LON-AL00B 8.0.0.343(C00) has an authentication bypass vulnerability due to the improper design of the module. An attacker tricks a user into installing a malicious application, and the…

  • CVE-2017-17150MedMar 9, 2018
    risk 0.36cvss 5.5epss 0.00

    Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an DoS vulnerability due to insufficient…

  • CVE-2017-17148MedMar 9, 2018
    risk 0.36cvss 5.5epss 0.00

    Huawei DP300 V500R002C00 have a DoS vulnerability due to the lack of validation when the malloc is called. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks.

  • CVE-2017-17147MedMar 9, 2018
    risk 0.36cvss 5.5epss 0.00

    Huawei DP300 V500R002C00 have an integer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks.

  • CVE-2017-17140MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.01

    Huawei Enjoy 5s and Y6 Pro smartphones with software the versions before TAG-AL00C92B170; the versions before TIT-L01C576B121 have an information leak vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious application on the…

  • CVE-2017-17139MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.01

    Huawei Mate 9 and Mate 9 pro smart phones with software the versions before MHA-AL00B 8.0.0.334(C00); the versions before LON-AL00B 8.0.0.334(C00) have a information leak vulnerability in the date service proxy implementation. An attacker may trick a user into installing a…

  • CVE-2017-17138MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00;…

  • CVE-2017-17137MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00;…

  • CVE-2017-17136MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00;…

  • CVE-2017-17135MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00;…

  • CVE-2017-17134MedMar 5, 2018
    risk 0.36cvss 5.5epss 0.00

    XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has a DoS vulnerability. Due to not check the…

Page 8 of 46