Filtered by vendor Huawei
Subscriptions
Total
2205 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15328 | 1 Huawei | 2 Hg8245h, Hg8245h Firmware | 2025-04-20 | N/A |
| Huawei HG8245H version earlier than V300R018C00SPC110 has an authentication bypass vulnerability. An attacker can access a specific URL of the affect product. Due to improper verification of the privilege, successful exploitation may cause information leak. | ||||
| CVE-2017-8134 | 1 Huawei | 1 Fusionsphere Openstack | 2025-04-20 | N/A |
| The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. | ||||
| CVE-2017-8205 | 1 Huawei | 2 Honor 9, Honor 9 Firmware | 2025-04-20 | N/A |
| The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the driver of the smart phone, causing arbitrary code execution. | ||||
| CVE-2015-4421 | 1 Huawei | 2 Mate 7, Mate 7 Firmware | 2025-04-20 | N/A |
| The tzdriver module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users to gain privileges or cause a denial of service (memory corruption) via an unspecified input. | ||||
| CVE-2017-8189 | 1 Huawei | 1 Fusionsphere Openstack | 2025-04-20 | N/A |
| FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal vulnerability. Due to insufficient path validation, an attacker with high privilege may exploit this vulnerability to cover some files, causing services abnormal. | ||||
| CVE-2017-8193 | 1 Huawei | 1 Fusionsphere Openstack | 2025-04-20 | N/A |
| The FusionSphere OpenStack V100R006C00SPC102(NFV) has a command injection vulnerability. Due to the insufficient input validation on one port, an authenticated, local attacker may exploit the vulnerability to gain root privileges by sending message with malicious commands. | ||||
| CVE-2016-8791 | 1 Huawei | 6 Mate 8, Mate 8 Firmware, Mate S and 3 more | 2025-04-20 | N/A |
| Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege. | ||||
| CVE-2016-8795 | 1 Huawei | 12 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 9 more | 2025-04-20 | N/A |
| Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset. | ||||
| CVE-2017-8196 | 1 Huawei | 1 Fusionsphere | 2025-04-20 | N/A |
| FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization vulnerability. An authenticated attacker could execute commands that he/she should have had no permission to perform, thereby querying, modifying, and deleting certain service data and making the service unavailable. | ||||
| CVE-2017-15322 | 1 Huawei | 2 Baggio-l03a, Baggio-l03a Firmware | 2025-04-20 | N/A |
| Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 and BGO-L03C331B009CUSTC331D001 have a DoS vulnerability due to insufficient input validation. An attacker could exploit this vulnerability by sending specially crafted NFC messages to the target device. Successful exploit could make a service crash. | ||||
| CVE-2014-9696 | 1 Huawei | 2 Tecal E9000 Chassis, Tecal E9000 Chassis Firmware | 2025-04-20 | N/A |
| The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chassis V100R001C00SPC160 and earlier versions allows the operator to modify the user configuration of iMana through privilege escalation. | ||||
| CVE-2017-8178 | 1 Huawei | 2 Vicky-al00, Vicky-al00 Firmware | 2025-04-20 | N/A |
| Huawei Email APP Vicky-AL00 smartphones with software of earlier than VKY-AL00C00B171 versions has a stored cross-site scripting vulnerability. A remote attacker could exploit this vulnerability to send email that storing malicious code to a smartphone and waiting for a user to access this email that triggers execution of the code. An exploit could allow the attacker to execute arbitrary script code on the affected device. | ||||
| CVE-2016-8776 | 1 Huawei | 4 P9, P9 Firmware, P9 Lite and 1 more | 2025-04-20 | N/A |
| Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones with software VNS-L21C185 allow attackers to bypass the factory reset protection (FRP) to enter some functional modules without authorization and perform operations to update the Google account. | ||||
| CVE-2017-15309 | 1 Huawei | 1 Ireader | 2025-04-20 | N/A |
| Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. An attacker can exploit this vulnerability to store downloaded malicious files in an arbitrary directory. | ||||
| CVE-2017-8192 | 1 Huawei | 1 Fusionsphere Openstack | 2025-04-20 | N/A |
| FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may exploit this vulnerability to obtain the operation authority of some specific directory, causing privilege escalation. | ||||
| CVE-2017-8128 | 1 Huawei | 1 Uma | 2025-04-20 | N/A |
| The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | ||||
| CVE-2016-8774 | 1 Huawei | 8 Mate 8, Mate 8 Firmware, Mate S and 5 more | 2025-04-20 | N/A |
| The HIFI driver in Huawei Mate 8 phones with software versions before NXT-AL10C00B386, versions before NXT-CL00C92B386, versions before NXT-DL00C17B386, versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366; and P9 phones with software Versions before EVA-AL10C00B190, Versions before EVA-DL10C00B190, Versions before EVA-TL10C00B190, Versions before EVA-CL10C00B190 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow. | ||||
| CVE-2016-8781 | 1 Huawei | 6 Secospace Usg6300, Secospace Usg6300 Firmware, Secospace Usg6500 and 3 more | 2025-04-20 | N/A |
| Huawei Secospace USG6300 with software V500R001C20 and V500R001C20SPC200PWE, Secospace USG6500 with software V500R001C20, Secospace USG6600 with software V500R001C20 and V500R001C20SPC200PWE allow remote attackers with specific permission to log in to a device and deliver a large number of unspecified commands to exhaust memory, causing a DoS condition. | ||||
| CVE-2017-8117 | 1 Huawei | 1 Uma | 2025-04-20 | N/A |
| The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | ||||
| CVE-2017-8188 | 1 Huawei | 1 Fusionsphere Openstack | 2025-04-20 | N/A |
| FusionSphere OpenStack V100R006C00SPC102(NFV)has a command injection vulnerability. Due to lack of validation, an attacker with high privilege may inject malicious code into some module of the affected products, causing code execution. | ||||