Filtered by vendor Huawei
Subscribe
Total
2156 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5241 | 1 Huawei | 1 Pcmanager | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| There is a privilege escalation vulnerability in Huawei PCManager versions earlier than PCManager 9.0.1.50. The attacker can tricking a user to install and run a malicious application to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. | |||||
| CVE-2019-5297 | 1 Huawei | 2 Emily-l29c, Emily-l29c Firmware | 2020-08-24 | 2.1 LOW | 4.6 MEDIUM |
| Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T8) have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during the reset process, the attacker can perform some special operations to bypass the FRP function and obtain the right to use the mobile phone. | |||||
| CVE-2018-7951 | 1 Huawei | 40 1288h V5, 1288h V5 Firmware, 2288h V5 and 37 more | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system. | |||||
| CVE-2019-5279 | 1 Huawei | 2 Emily-l29c, Emily-l29c Firmware | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| Huawei smart phones Emily-L29C with Versions earlier than 9.1.0.311(C10E2R1P13T8), Versions earlier than 9.1.0.311(C461E2R1P11T8), Versions earlier than 9.1.0.316(C635E2R1P11T8), Versions earlier than 9.1.0.311(C185E2R1P12T8), Versions earlier than 9.1.0.311(C605E2R1P12T8), Versions earlier than 9.1.0.311(C636E7R1P13T8) have an information leakage vulnerability. An attacker tricks the user into installing a malicious application, which can copy specific files to the sdcard, resulting in information leakage. | |||||
| CVE-2019-5239 | 1 Huawei | 2 Pcmanager\(china\), Pcmanager\(oversea\) | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versions before 9.0.1.70 (China) have an information leak vulnerability. Successful exploitation may cause the attacker to read information. | |||||
| CVE-2019-5281 | 1 Huawei | 2 Y9 2019, Y9 2019 Firmware | 2020-08-24 | 2.1 LOW | 4.6 MEDIUM |
| There is an information leak vulnerability in some Huawei phones, versions earlier than Jackman-L21 8.2.0.155(C185R1P2). When a local attacker uses the camera of a smartphone, the attacker can exploit this vulnerability to obtain sensitive information by performing a series of operations. | |||||
| CVE-2019-5301 | 1 Huawei | 2 Honor V20, Honor V20 Firmware | 2020-08-24 | 4.3 MEDIUM | 3.3 LOW |
| Huawei smart phones Honor V20 with the versions before 9.0.1.161(C00E161R2P2) have an information leak vulnerability. An attacker may trick a user into installing a malicious application. Due to coding error during layer information processing, attackers can exploit this vulnerability to obtain some layer information. | |||||
| CVE-2019-5269 | 1 Huawei | 44 Cd10-10, Cd10-10 Firmware, Cd16-10 and 41 more | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege. | |||||
| CVE-2019-5237 | 1 Huawei | 2 Pcmanager\(china\), Pcmanager\(oversea\) | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versions before 9.0.1.70 (China) have a code execution vulnerability. Successful exploitation may cause the attacker to execute code and read/write information. | |||||
| CVE-2019-5243 | 1 Huawei | 2 Hg255s, Hg255s Firmware | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| There is a Clickjacking vulnerability in Huawei HG255s product. An attacker may trick user to click a link and affect the integrity of a device by exploiting this vulnerability. | |||||
| CVE-2019-5220 | 1 Huawei | 6 Honor Magic 2, Honor Magic 2 Firmware, Mate 20 and 3 more | 2020-08-24 | 2.1 LOW | 4.6 MEDIUM |
| There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected products: Mate 20 X, versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2). | |||||
| CVE-2019-5264 | 1 Huawei | 20 Changxiang 7s, Changxiang 7s Firmware, Changxiang 8 Plus and 17 more | 2020-08-24 | 2.1 LOW | 4.6 MEDIUM |
| There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure. | |||||
| CVE-2017-8216 | 1 Huawei | 2 P10 Lite, P10 Lite Firmware | 2020-08-24 | 7.1 HIGH | 5.5 MEDIUM |
| Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Due to improper authorization on specific processes, an attacker with the root privilege of a mobile Android system can exploit this vulnerability to obtain some information of the user. | |||||
| CVE-2019-5267 | 1 Huawei | 2 Oceanstor Sns3096, Oceanstor Sns3096 Firmware | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Huawei OceanStor SNS3096 V100R002C01 have an information disclosure vulnerability. Attackers with low privilege can exploit this vulnerability by performing some specific operations. Successful exploit of this vulnerability can cause some information disclosure. | |||||
| CVE-2018-7950 | 1 Huawei | 40 1288h V5, 1288h V5 Firmware, 2288h V5 and 37 more | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system. | |||||
| CVE-2019-5215 | 1 Huawei | 4 P30, P30 Firmware, P30 Pro and 1 more | 2020-08-24 | 4.3 MEDIUM | 6.8 MEDIUM |
| There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper the data. (Vulnerability ID: HWPSIRT-2019-03109) | |||||
| CVE-2019-5306 | 1 Huawei | 2 P20, P20 Firmware | 2020-08-24 | 2.1 LOW | 4.6 MEDIUM |
| There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a result, the FRP function is bypassed and the attacker gains access to the smartphone. | |||||
| CVE-2019-5309 | 1 Huawei | 2 Honor Play, Honor Play Firmware | 2020-08-24 | 2.1 LOW | 4.6 MEDIUM |
| Honor play smartphones with versions earlier than 9.1.0.333(C00E333R1P1T8) have an information disclosure vulnerability in certain Huawei . An attacker could view certain information after a series of operation without unlock the screen lock. Successful exploit could cause an information disclosure condition. | |||||
| CVE-2019-5222 | 1 Huawei | 2 Honor Magic 2, Honor Magic 2 Firmware | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user to install a malicious application and successful exploit could result in information disclosure. | |||||
| CVE-2019-5244 | 1 Huawei | 2 Mate 9 Pro, Mate 9 Pro Fimware | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| Mate 9 Pro Huawei smartphones earlier than LON-L29C 8.0.0.361(C636) versions have an information leak vulnerability due to the lack of input validation. An attacker tricks the user who has root privilege to install an application on the smart phone, and the application can read some process information, which may cause sensitive information leak. | |||||