Filtered by vendor Huawei
Subscribe
Total
1915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9235 | 1 Huawei | 20 Honor 20 Pro, Honor 20 Pro Firmware, Honor View 20 and 17 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C01E160R2P11);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier than 10.1.0.160(C00E160R8P12);Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.225(C431E3R1P2),Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak. | |||||
| CVE-2020-9233 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services abnormal. | |||||
| CVE-2020-9230 | 1 Huawei | 2 Ws5800-10, Ws5800-10 Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of specific message, an attacker may exploit this vulnerability to cause specific function to become abnormal. | |||||
| CVE-2020-9229 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information. | |||||
| CVE-2020-9228 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information. | |||||
| CVE-2020-9227 | 1 Huawei | 2 Moana-al00b, Moana-al00b Firmware | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Huawei Smart Phones Moana-AL00B with versions earlier than 10.1.0.166 have a missing initialization of resource vulnerability. An attacker tricks the user into installing then running a crafted application. Due to improper initialization of specific parameters, successful exploit of this vulnerability may cause device exceptions. | |||||
| CVE-2020-9226 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verification vulnerability. The system does not improper check signature of specific software package, an attacker may exploit this vulnerability to load a crafted software package to the device. | |||||
| CVE-2020-9225 | 1 Huawei | 1 Fusionsphere Openstack | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege. | |||||
| CVE-2020-9223 | 1 Huawei | 8 Honor 20 Pro, Honor 20 Pro Firmware, Princeton-al10d and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service (DoS) on the specific module. | |||||
| CVE-2020-9213 | 1 Huawei | 16 Ngfw Module, Ngfw Module Firmware, Nip6300 and 13 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft many specific packets. Successful exploit may cause some services to be abnormal. Affected products include some versions of NGFW Module, NIP6300, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, Secospace USG6600 and SG9500. | |||||
| CVE-2020-9212 | 1 Huawei | 2 Usg9500, Usg9500 Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| There is a vulnerability in some version of USG9500 that the device improperly handles the information when a user logs in to device. The attacker can exploit the vulnerability to perform some operation and can get information and cause information leak. | |||||
| CVE-2020-9209 | 1 Huawei | 2 Smc2.0, Smc2.0 Firmware | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products. | |||||
| CVE-2020-9208 | 1 Huawei | 1 Imanager Neteco 6000 | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain extra information, leading to information leak. | |||||
| CVE-2020-9207 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service. | |||||
| CVE-2020-9206 | 1 Huawei | 2 Eudc660, Eudc660 Firmware | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the device, as a result, the key file can be obtained and data can be decrypted, affecting confidentiality, integrity, and availability of the device. | |||||
| CVE-2020-9205 | 1 Huawei | 1 Manageone | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| There has a CSV injection vulnerability in ManageOne 8.0.1. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device. | |||||
| CVE-2020-9203 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience. | |||||
| CVE-2020-9202 | 1 Huawei | 1 Te Mobile | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100. Due to the improper storage of some information in certain specific scenario, the attacker can gain information in the victim's device to launch the attack, successful exploit could cause information disclosure. | |||||
| CVE-2020-9201 | 1 Huawei | 6 Nip6800, Nip6800 Firmware, Secospace Usg6600 and 3 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service abnormal. | |||||
| CVE-2020-9200 | 1 Huawei | 1 Imanager Neteco 6000 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device. | |||||