Filtered by vendor Huawei
Subscribe
Total
1888 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9208 | 1 Huawei | 1 Imanager Neteco 6000 | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain extra information, leading to information leak. | |||||
| CVE-2020-9206 | 1 Huawei | 2 Eudc660, Eudc660 Firmware | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
| The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the device, as a result, the key file can be obtained and data can be decrypted, affecting confidentiality, integrity, and availability of the device. | |||||
| CVE-2020-9238 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2024-02-28 | 3.3 LOW | 6.5 MEDIUM |
| Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device. | |||||
| CVE-2020-9108 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
| HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot. | |||||
| CVE-2021-22305 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-02-28 | 2.1 LOW | 3.3 LOW |
| There is a buffer overflow vulnerability in Mate 30 10.1.0.126(C00E125R5P3). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause buffer overflow, compromising normal service. | |||||
| CVE-2020-9120 | 1 Huawei | 1 Cloudengine 1800v | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability. Remote unauthorized attackers could send specific types of messages to the device, resulting in the message received by the system can't be forwarded normally. | |||||
| CVE-2020-9118 | 1 Huawei | 2 Ais-bw80h-00, Ais-bw80h-00 Firmware | 2024-02-28 | 4.6 MEDIUM | 6.8 MEDIUM |
| There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device. Affected product versions include:AIS-BW80H-00 versions 9.0.3.1(H100SP13C00),9.0.3.1(H100SP18C00),9.0.3.1(H100SP3C00),9.0.3.1(H100SP9C00),9.0.3.2(H100SP1C00),9.0.3.2(H100SP2C00),9.0.3.2(H100SP5C00),9.0.3.2(H100SP8C00),9.0.3.3(H100SP1C00). | |||||
| CVE-2020-9212 | 1 Huawei | 2 Usg9500, Usg9500 Firmware | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| There is a vulnerability in some version of USG9500 that the device improperly handles the information when a user logs in to device. The attacker can exploit the vulnerability to perform some operation and can get information and cause information leak. | |||||
| CVE-2020-9106 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2024-02-28 | 2.1 LOW | 4.6 MEDIUM |
| HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure. | |||||
| CVE-2020-9107 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
| HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot. | |||||
| CVE-2020-9092 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2024-02-28 | 2.1 LOW | 4.6 MEDIUM |
| HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a JavaScript injection vulnerability. A module does not verify a specific input. This could allow attackers to bypass filter mechanism to launch JavaScript injection. This could compromise normal service of the affected module. | |||||
| CVE-2020-9213 | 1 Huawei | 16 Ngfw Module, Ngfw Module Firmware, Nip6300 and 13 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft many specific packets. Successful exploit may cause some services to be abnormal. Affected products include some versions of NGFW Module, NIP6300, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, Secospace USG6600 and SG9500. | |||||
| CVE-2021-22292 | 1 Huawei | 2 Ecns280, Ecns280 Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS. | |||||
| CVE-2021-22294 | 1 Huawei | 1 Harmonyos | 2024-02-28 | 2.1 LOW | 3.3 LOW |
| A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources. | |||||
| CVE-2020-9141 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity. | |||||
| CVE-2020-9105 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
| Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploit may cause the service abnormal. | |||||
| CVE-2020-9207 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service. | |||||
| CVE-2020-9137 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
| There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation. | |||||
| CVE-2020-9129 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
| HUAWEI Mate 30 versions earlier than 10.1.0.159(C00E159R7P2) have a vulnerability of improper buffer operation. Due to improper restrictions, local attackers with high privileges can exploit the vulnerability to cause system heap overflow. | |||||
| CVE-2020-9144 | 1 Huawei | 2 Emui, Magic Ui | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnerability to cause heap overflows due to improper restriction of operations within the bounds of a memory buffer. | |||||