Filtered by vendor Huawei
Subscribe
Total
2156 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-8333 | 1 Huawei | 1 Vcn500 | 2016-01-12 | 5.5 MEDIUM | 7.1 HIGH |
| The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 allows remote authenticated users to change the IP address of the media server via crafted packets. | |||||
| CVE-2015-8231 | 1 Huawei | 2 Espace 7910, Espace 7950 | 2016-01-12 | 7.8 HIGH | 7.5 HIGH |
| Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified packets. | |||||
| CVE-2015-8230 | 1 Huawei | 1 Espace 8950 | 2016-01-12 | 7.8 HIGH | 7.5 HIGH |
| Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted ARP packets. | |||||
| CVE-2015-8331 | 1 Huawei | 1 Vcn500 | 2016-01-11 | 5.8 MEDIUM | 7.4 HIGH |
| The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 does not properly invalidate the session ID when an "abnormal exit" occurs, which allows remote attackers to conduct replay attacks via the session ID. | |||||
| CVE-2015-8335 | 1 Huawei | 1 Vcn500 | 2016-01-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading the log. | |||||
| CVE-2015-8084 | 1 Huawei | 5 Unified Security Gateway Firmware, Usg2100, Usg2200 and 2 more | 2015-12-08 | 7.1 HIGH | N/A |
| Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when "DHCP Snooping" is enabled and either "option82 insert" or "option82 rebuild" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets. | |||||
| CVE-2015-8228 | 1 Huawei | 10 Ar120, Ar1200, Ar150 and 7 more | 2015-11-25 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors. | |||||
| CVE-2015-8087 | 1 Huawei | 6 Ne20e-s, Ne40e, Ne40e-m and 3 more | 2015-11-20 | 5.0 MEDIUM | N/A |
| Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and forwarding (VRF) hopping vulnerability." | |||||
| CVE-2015-8083 | 1 Huawei | 7 Espace Firmware, Espace Unified Gateway U1910, Espace Unified Gateway U1911 and 4 more | 2015-11-20 | 7.8 HIGH | N/A |
| An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access and device restart) via unknown vectors. | |||||
| CVE-2015-7845 | 1 Huawei | 7 Espace Firmware, Espace Unified Gateway U1910, Espace Unified Gateway U1911 and 4 more | 2015-11-20 | 5.0 MEDIUM | N/A |
| The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH packets. | |||||
| CVE-2015-3912 | 1 Huawei | 3 E355s Mobile Wifi, E355s Mobile Wifi Firmware, Webui | 2015-05-22 | 5.0 MEDIUM | N/A |
| Huawei E355s Mobile WiFi with firmware before 22.158.45.02.625 and WEBUI before 13.100.04.01.625 allows remote attackers to obtain sensitive configuration information by sniffing the network or sending unspecified commands. | |||||
| CVE-2015-3911 | 1 Huawei | 2 E587 Mobile Wifi, E587 Mobile Wifi Firmware | 2015-05-22 | 9.0 HIGH | N/A |
| Huawei E587 Mobile WiFi with firmware before 11.203.30.00.00 allows remote attackers to bypass authentication, change configurations, send messages, and cause a denial of service (device restart) via unspecified vectors. | |||||
| CVE-2015-2347 | 1 Huawei | 1 Seq Analyst | 2015-05-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote attackers to inject arbitrary web script or HTML via the command XML element in the req parameter to flexdata.action in (1) common/, (2) monitor/, or (3) psnpm/ or the (4) module XML element in the req parameter to flexdata.action in monitor/. | |||||
| CVE-2015-1460 | 1 Huawei | 10 Quidway Firmware, Quidway S2350, Quidway S2750 and 7 more | 2015-02-04 | 7.5 HIGH | N/A |
| Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet. | |||||
| CVE-2014-9134 | 1 Huawei | 2 Honor Cube Wireless Router Ws860s, Honor Cube Wireless Router Ws860s Firewall | 2014-12-05 | 10.0 HIGH | N/A |
| Unrestricted file upload vulnerability in Huawei Honor Cube Wireless Router WS860s before V100R001C02B222 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors. | |||||
| CVE-2014-5328 | 1 Huawei | 2 E5332, E5332 Firmware | 2014-10-15 | 6.8 MEDIUM | N/A |
| Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allows remote authenticated users to cause a denial of service (reboot) via a long parameter in an API service request message. | |||||
| CVE-2014-5327 | 1 Huawei | 2 E5332, E5332 Firmware | 2014-10-15 | 6.8 MEDIUM | N/A |
| Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allows remote authenticated users to cause a denial of service (reboot) via a long URI. | |||||
| CVE-2014-2968 | 1 Huawei | 3 E355, E355 Firmware, E355 Web Ui | 2014-07-24 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface on the Huawei E355 CH1E355SM modem with software 21.157.37.01.910 and Web UI 11.001.08.00.03 allows remote attackers to inject arbitrary web script or HTML via an SMS message. | |||||
| CVE-2014-4190 | 1 Huawei | 13 Campus Lsw S9700, Campus S2350, Campus S2750 and 10 more | 2014-06-18 | 7.8 HIGH | N/A |
| Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet. | |||||
| CVE-2014-2946 | 1 Huawei | 3 E303 Modem, E303 Modem Firmware, Webui | 2014-06-18 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in api/sms/send-sms in the Web UI 11.010.06.01.858 on Huawei E303 modems with software 22.157.18.00.858 allows remote attackers to hijack the authentication of administrators for requests that perform API operations and send SMS messages via a request element in an XML document. | |||||