Filtered by vendor Huawei
Subscribe
Total
1774 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-22312 | 1 Huawei | 24 Ips6000e, Ips6000e Firmware, Ips Module and 21 more | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500. | |||||
CVE-2021-22318 | 1 Huawei | 1 Harmonyos | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service. | |||||
CVE-2021-22365 | 1 Huawei | 2 Ese620x Vess, Ese620x Vess Firmware | 2024-02-04 | 2.1 LOW | 3.3 LOW |
There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of internal message, successful exploit may cause the process and the service abnormal. | |||||
CVE-2021-22324 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality. | |||||
CVE-2021-22380 | 1 Huawei | 1 Emui | 2024-02-04 | 6.4 MEDIUM | 9.1 CRITICAL |
There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality and availability. | |||||
CVE-2021-22398 | 1 Huawei | 8 Hulk-al00c, Hulk-al00c Firmware, Jennifer-an00c and 5 more | 2024-02-04 | 2.1 LOW | 4.6 MEDIUM |
There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations. Affected product versions include: Hulk-AL00C 9.1.1.201(C00E201R8P1);Jennifer-AN00C 10.1.1.171(C00E170R6P3);Jenny-AL10B 10.1.0.228(C00E220R5P1) and OxfordPL-AN10B 10.1.0.116(C00E110R2P1). | |||||
CVE-2021-22340 | 1 Huawei | 2 Manageone, Smc2.0 | 2024-02-04 | 4.7 MEDIUM | 4.1 MEDIUM |
There is a multiple threads race condition vulnerability in Huawei product. A race condition exists for concurrent I/O read by multiple threads. An attacker with the root permission can exploit this vulnerability by performing some operations. Successful exploitation of this vulnerability may cause the system to crash. Affected product versions include: ManageOne 6.5.1.SPC200, 8.0.0,8.0.0-LCND81, 8.0.0.SPC100, 8.0.1,8.0.RC2, 8.0.RC3, 8.0.RC3.SPC100;SMC2.0 V600R019C10SPC700,V600R019C10SPC702, V600R019C10SPC703,V600R019C10SPC800, V600R019C10SPC900, V600R019C10SPC910, V600R019C10SPC920, V600R019C10SPC921, V600R019C10SPC922, V600R019C10SPC930, V600R019C10SPC931 | |||||
CVE-2021-22385 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
A component of the Huawei smartphone has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution. | |||||
CVE-2021-22338 | 1 Huawei | 2 Ecns280, Ecns280 Firmware | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not perform the strict operation to the input XML message. Attacker can send specific message to exploit this vulnerability, leading to the module denial of service. | |||||
CVE-2020-9158 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr. | |||||
CVE-2021-22372 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
There is a Security Features Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
CVE-2021-22400 | 1 Huawei | 2 Oxfords-an00a, Oxfords-an00a Firmware | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
Some Huawei Smartphones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected product include:OxfordS-AN00A 10.0.1.10(C00E10R1P1),10.0.1.105(C00E103R3P3),10.0.1.115(C00E110R3P3),10.0.1.123(C00E121R3P3),10.0.1.135(C00E130R3P3),10.0.1.135(C00E130R4P1),10.0.1.152(C00E140R4P1),10.0.1.160(C00E160R4P1),10.0.1.167(C00E166R4P1),10.0.1.173(C00E172R5P1),10.0.1.178(C00E175R5P1) and 10.1.0.202(C00E79R5P1). | |||||
CVE-2021-22336 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
There is an Improper Control of Generation of Code vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause denial of security services on a rooted device. | |||||
CVE-2021-22351 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-04 | 5.5 MEDIUM | 8.1 HIGH |
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions. | |||||
CVE-2021-22330 | 1 Huawei | 2 P30, P30 Firmware | 2024-02-04 | 3.3 LOW | 6.5 MEDIUM |
There is an out of bounds write vulnerability in Huawei Smartphone HUAWEI P30 versions 9.1.0.131(C00E130R1P21) when processing a message. An unauthenticated attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of the input parameter, successful exploit can cause the process and the service to be abnormal. | |||||
CVE-2021-22376 | 1 Huawei | 1 Harmonyos | 2024-02-04 | 7.2 HIGH | 8.4 HIGH |
A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to bypass user restrictions. | |||||
CVE-2021-22424 | 1 Huawei | 1 Harmonyos | 2024-02-04 | 4.9 MEDIUM | 5.5 MEDIUM |
A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service. | |||||
CVE-2021-22334 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-04 | 3.3 LOW | 7.4 HIGH |
There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause app redirections. | |||||
CVE-2021-22397 | 1 Huawei | 1 Manageone | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service. | |||||
CVE-2020-9148 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages. |