Filtered by vendor Huawei
Subscribe
Total
2156 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-37122 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2021-10-28 | 3.3 LOW | 6.5 MEDIUM |
| There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800. | |||||
| CVE-2021-37123 | 1 Huawei | 2 Hero-ct060, Hero-ct060 Firmware | 2021-10-18 | 7.5 HIGH | 9.8 CRITICAL |
| There is an improper authentication vulnerability in Hero-CT060 before 1.0.0.200. The vulnerability is due to that when an user wants to do certain operation, the software does not insufficiently validate the user's identity. Successful exploit could allow the attacker to do certain operations which the user are supposed not to do. | |||||
| CVE-2021-37104 | 1 Huawei | 2 P40, P40 Firmware | 2021-10-06 | 5.0 MEDIUM | 7.5 HIGH |
| There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain resource which the attacker are supposed not to do. | |||||
| CVE-2021-37105 | 1 Huawei | 1 Fusioncompute | 2021-10-06 | 4.3 MEDIUM | 7.5 HIGH |
| There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal. | |||||
| CVE-2016-3675 | 1 Huawei | 2 Policy Center, Policy Center Firmware | 2021-09-13 | 6.5 MEDIUM | 8.1 HIGH |
| SQL injection vulnerability in Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to system databases. | |||||
| CVE-2021-22357 | 1 Huawei | 8 S12700, S12700 Firmware, S5700 and 5 more | 2021-08-30 | 5.0 MEDIUM | 7.5 HIGH |
| There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages due to validating inputs insufficiently. Attackers can exploit this vulnerability by sending specific messages to affected module. This can cause denial of service. Affected product versions include: S12700 V200R013C00SPC500, V200R019C00SPC500; S5700 V200R013C00SPC500, V200R019C00SPC500; S6700 V200R013C00SPC500, V200R019C00SPC500; S7700 V200R013C00SPC500, V200R019C00SPC500. | |||||
| CVE-2021-37028 | 1 Huawei | 2 Hg8045q, Hg8045q Firmware | 2021-08-25 | 6.9 MEDIUM | 6.7 MEDIUM |
| There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands. | |||||
| CVE-2021-22295 | 1 Huawei | 1 Harmonyos | 2021-08-13 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler. | |||||
| CVE-2021-22400 | 1 Huawei | 2 Oxfords-an00a, Oxfords-an00a Firmware | 2021-08-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| Some Huawei Smartphones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected product include:OxfordS-AN00A 10.0.1.10(C00E10R1P1),10.0.1.105(C00E103R3P3),10.0.1.115(C00E110R3P3),10.0.1.123(C00E121R3P3),10.0.1.135(C00E130R3P3),10.0.1.135(C00E130R4P1),10.0.1.152(C00E140R4P1),10.0.1.160(C00E160R4P1),10.0.1.167(C00E166R4P1),10.0.1.173(C00E172R5P1),10.0.1.178(C00E175R5P1) and 10.1.0.202(C00E79R5P1). | |||||
| CVE-2021-22398 | 1 Huawei | 8 Hulk-al00c, Hulk-al00c Firmware, Jennifer-an00c and 5 more | 2021-08-11 | 2.1 LOW | 4.6 MEDIUM |
| There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations. Affected product versions include: Hulk-AL00C 9.1.1.201(C00E201R8P1);Jennifer-AN00C 10.1.1.171(C00E170R6P3);Jenny-AL10B 10.1.0.228(C00E220R5P1) and OxfordPL-AN10B 10.1.0.116(C00E110R2P1). | |||||
| CVE-2021-22396 | 1 Huawei | 4 Ecns280 Td, Ecns280 Td Firmware, Ese620x Vess and 1 more | 2021-08-11 | 4.6 MEDIUM | 7.8 HIGH |
| There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful exploit will cause privilege escalation.Affected product versions include:eCNS280_TD V100R005C00,V100R005C10;eSE620X vESS V100R001C10SPC200,V100R001C20SPC200. | |||||
| CVE-2021-22421 | 1 Huawei | 1 Harmonyos | 2021-08-11 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to cause further Elevation of Privileges. | |||||
| CVE-2021-22422 | 1 Huawei | 1 Harmonyos | 2021-08-11 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting. | |||||
| CVE-2021-22419 | 1 Huawei | 1 Harmonyos | 2021-08-11 | 4.9 MEDIUM | 5.5 MEDIUM |
| A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos. | |||||
| CVE-2021-22418 | 1 Huawei | 1 Harmonyos | 2021-08-11 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting. | |||||
| CVE-2021-22417 | 1 Huawei | 1 Harmonyos | 2021-08-11 | 4.9 MEDIUM | 5.5 MEDIUM |
| A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage. | |||||
| CVE-2021-22416 | 1 Huawei | 1 Harmonyos | 2021-08-11 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution. | |||||
| CVE-2021-22424 | 1 Huawei | 1 Harmonyos | 2021-08-11 | 4.9 MEDIUM | 5.5 MEDIUM |
| A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service. | |||||
| CVE-2021-22423 | 1 Huawei | 1 Harmonyos | 2021-08-10 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a Out-of-bounds Write Vulnerability. Local attackers may exploit this vulnerability to cause integer overflow. | |||||
| CVE-2021-22425 | 1 Huawei | 1 Harmonyos | 2021-08-10 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges. | |||||