Filtered by vendor Huawei
Subscribe
Total
1774 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9251 | 1 Huawei | 2 Mate 20, P30 Firmware | 2024-02-04 | 2.1 LOW | 2.4 LOW |
| HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have an improper authorization vulnerability. The software does not properly restrict certain operation in certain scenario, the attacker should do certain configuration before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function. Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8). | |||||
| CVE-2020-1799 | 1 Huawei | 2 E6878-370, E6878-370 Firmware | 2024-02-04 | 5.4 MEDIUM | 7.5 HIGH |
| E6878-370 with versions of 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP1C00), 10.0.3.1(H563SP1C233) has a use after free vulnerability. The software references memory after it has been freed in certain scenario, the attacker does a series of crafted operations through web portal, successful exploit could cause a use after free condition which may lead to malicious code execution. | |||||
| CVE-2020-9199 | 1 Huawei | 6 B2368-22, B2368-22 Firmware, B2368-57 and 3 more | 2024-02-04 | 7.7 HIGH | 6.8 MEDIUM |
| B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device. | |||||
| CVE-2020-9099 | 1 Huawei | 18 Ips Module, Ips Module Firmware, Ngfw Module and 15 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6600; USG9500 with versions of V500R001C00; V500R001C20; V500R001C30; V500R001C50; V500R001C60; V500R001C80; V500R005C00; V500R005C10; V500R005C20; V500R002C00; V500R002C10; V500R002C20; V500R002C30 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device. | |||||
| CVE-2020-9243 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-02-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition. | |||||
| CVE-2020-9074 | 1 Huawei | 6 Honor 20, Honor 20 Firmware, Honor 20 Pro and 3 more | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an improper handling of exceptional condition Vulnerability. A component cannot deal with an exception correctly. Attackers can exploit this vulnerability by sending malformed message. This could compromise normal service of affected phones. | |||||
| CVE-2020-9072 | 1 Huawei | 2 Osd, Osd Firmware | 2024-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a local privilege escalation vulnerability. An authenticated, local attacker can constructs a specific file path to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. | |||||
| CVE-2020-1817 | 1 Huawei | 1 Pcmanager | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Huawei PCManager with versions earlier than 10.0.1.36 has a privilege escalation vulnerability. Due to improper permission management of specific files, local attackers with low permissions can inject commands to exploit this vulnerability. Successful exploit may cause privilege escalation. | |||||
| CVE-2020-9242 | 1 Huawei | 1 Fusioncompute | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
| FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack. | |||||
| CVE-2020-1800 | 1 Huawei | 2 P30, P30 Firmware | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P11) have an improper access control vulnerability. The software incorrectly restricts access to a function interface from an unauthorized actor, the attacker tricks the user into installing a crafted application, successful exploit could allow the attacker do certain unauthenticated operations. | |||||
| CVE-2020-1833 | 1 Huawei | 2 Honor 9x, Honor 9x Firmware | 2024-02-04 | 2.1 LOW | 2.4 LOW |
| Honor 9X smartphones with versions earlier than 9.1.1.172(C00E170R8P1) have an improper authentication vulnerability. A logic error occurs when handling clock function, an attacker should do a series of crafted operations quickly before the phone is unlocked, successful exploit could allow the attacker to access clock information without unlock the phone. | |||||
| CVE-2020-9262 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution. | |||||
| CVE-2020-9068 | 1 Huawei | 2 Ar3200, Ar3200 Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device. | |||||
| CVE-2020-1831 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2024-02-04 | 1.9 LOW | 2.4 LOW |
| HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance function after a series of operations with a PC. | |||||
| CVE-2020-1862 | 1 Huawei | 2 Campusinsight, Manageone | 2024-02-04 | 2.1 LOW | 3.3 LOW |
| There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit the vulnerability. Due to doubly freeing memory, successful exploit may cause some service abnormal. Affected product versions include:CampusInsight versions V100R019C00;ManageOne versions 6.5.RC2.B050. | |||||
| CVE-2019-19415 | 1 Huawei | 100 Ar120-s, Ar120-s Firmware, Ar1200 and 97 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en. | |||||
| CVE-2019-5289 | 1 Huawei | 1 Manageone | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit of this vulnerability could allow the attacker to crash the database on the standby node. | |||||
| CVE-2019-5269 | 1 Huawei | 44 Cd10-10, Cd10-10 Firmware, Cd16-10 and 41 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege. | |||||
| CVE-2020-1840 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2024-02-04 | 3.6 LOW | 6.0 MEDIUM |
| HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to exploit this vulnerability. Successful exploitation may cause information leak and compromise the availability of the smart phones.Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.0.0.175(C00E70R3P8) | |||||
| CVE-2019-5272 | 1 Huawei | 2 Usg9500, Usg9500 Firmware | 2024-02-04 | 4.0 MEDIUM | 4.9 MEDIUM |
| USG9500 with versions of V500R001C30;V500R001C60 have a missing integrity checking vulnerability. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection. | |||||