Filtered by vendor Huawei
Subscribe
Total
1774 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-1865 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-02-04 | 3.3 LOW | 6.5 MEDIUM |
There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the system does the certain operation. | |||||
CVE-2020-9230 | 1 Huawei | 2 Ws5800-10, Ws5800-10 Firmware | 2024-02-04 | 3.3 LOW | 6.5 MEDIUM |
WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of specific message, an attacker may exploit this vulnerability to cause specific function to become abnormal. | |||||
CVE-2020-9123 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution. | |||||
CVE-2020-9106 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2024-02-04 | 2.1 LOW | 4.6 MEDIUM |
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure. | |||||
CVE-2020-9209 | 1 Huawei | 2 Smc2.0, Smc2.0 Firmware | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products. | |||||
CVE-2020-9240 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device. | |||||
CVE-2021-22314 | 1 Huawei | 1 Manageone | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
There is a local privilege escalation vulnerability in some versions of ManageOne. A local authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service. | |||||
CVE-2020-9117 | 1 Huawei | 4 Nova 4, Nova 4 Firmware, Sydneym-al00 and 1 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. An attacker with specific permissions crafts malformed packet with specific parameter and sends the packet to the affected products. Due to insufficient validation of packet, which may be exploited to cause the information leakage or arbitrary code execution. | |||||
CVE-2020-9093 | 1 Huawei | 2 Taurus-al00a, Taurus-al00a Firmware | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
There is a use after free vulnerability in Taurus-AL00A versions 10.0.0.1(C00E1R1P1). A module does not deal with specific message properly, which makes a function refer to memory after it has been freed. Attackers can exploit this vulnerability by running a crafted application with common privilege. This would compromise normal service. | |||||
CVE-2020-9115 | 1 Huawei | 1 Manageone | 2024-02-04 | 9.0 HIGH | 7.2 HIGH |
ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the plug-in component. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device. | |||||
CVE-2020-9139 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-04 | 6.4 MEDIUM | 9.1 CRITICAL |
There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service. | |||||
CVE-2021-22294 | 1 Huawei | 1 Harmonyos | 2024-02-04 | 2.1 LOW | 3.3 LOW |
A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources. | |||||
CVE-2020-1866 | 1 Huawei | 18 Nip6800, Nip6800 Firmware, S12700 and 15 more | 2024-02-04 | 3.3 LOW | 6.5 MEDIUM |
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00. | |||||
CVE-2020-9092 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2024-02-04 | 2.1 LOW | 4.6 MEDIUM |
HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a JavaScript injection vulnerability. A module does not verify a specific input. This could allow attackers to bypass filter mechanism to launch JavaScript injection. This could compromise normal service of the affected module. | |||||
CVE-2020-1847 | 1 Huawei | 12 Nip6300, Nip6300 Firmware, Nip6600 and 9 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions include:NIP6300 versions V500R001C30,V500R001C60;NIP6600 versions V500R001C30,V500R001C60;Secospace USG6300 versions V500R001C30,V500R001C60;Secospace USG6500 versions V500R001C30,V500R001C60;Secospace USG6600 versions V500R001C30,V500R001C60;USG9500 versions V500R001C30,V500R001C60. | |||||
CVE-2020-9094 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service. | |||||
CVE-2020-9263 | 1 Huawei | 4 Mate 30, Mate 30 Firmware, P30 and 1 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with common privilege, successful exploit could cause code execution. | |||||
CVE-2020-9228 | 1 Huawei | 1 Fusioncompute | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information. | |||||
CVE-2020-1796 | 1 Huawei | 4 Mate 20, Mate 20 Firmware, Mate 30 Pro and 1 more | 2024-02-04 | 4.6 MEDIUM | 6.6 MEDIUM |
There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do.Affected product versions include:HUAWEI Mate 20 versions Versions earlier than 10.0.0.188(C00E74R3P8);HUAWEI Mate 30 Pro versions Versions earlier than 10.0.0.203(C00E202R7P2). | |||||
CVE-2020-1825 | 1 Huawei | 1 Fusionaccess | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
FusionAccess with versions earlier than 6.5.1.SPC002 have a Denial of Service (DoS) vulnerability. Due to insufficient verification on specific input, attackers can exploit this vulnerability by sending constructed messages to the affected device through another device on the same network. Successful exploit could cause affected devices to be abnormal. |