Filtered by vendor Huawei
Subscribe
Total
1915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5269 | 1 Huawei | 44 Cd10-10, Cd10-10 Firmware, Cd16-10 and 41 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Some Huawei home routers have an improper authorization vulnerability. Due to improper authorization of certain programs, an attacker can exploit this vulnerability to execute uploaded malicious files and escalate privilege. | |||||
| CVE-2019-5268 | 1 Huawei | 44 Cd10-10, Cd10-10 Firmware, Cd16-10 and 41 more | 2024-11-21 | 4.8 MEDIUM | 8.1 HIGH |
| Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories. | |||||
| CVE-2019-5267 | 1 Huawei | 2 Oceanstor Sns3096, Oceanstor Sns3096 Firmware | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Huawei OceanStor SNS3096 V100R002C01 have an information disclosure vulnerability. Attackers with low privilege can exploit this vulnerability by performing some specific operations. Successful exploit of this vulnerability can cause some information disclosure. | |||||
| CVE-2019-5266 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled. | |||||
| CVE-2019-5265 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an improper access control vulnerability. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage. | |||||
| CVE-2019-5264 | 1 Huawei | 20 Changxiang 7s, Changxiang 7s Firmware, Changxiang 8 Plus and 17 more | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition. Successful exploit could cause information disclosure. | |||||
| CVE-2019-5263 | 1 Huawei | 2 Hisuite, Hwbackup | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting the backup. | |||||
| CVE-2019-5260 | 1 Huawei | 4 View 20, View 20 Firmware, Y9 2019 and 1 more | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of service vulnerability. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vulnerability. Successful exploit may cause an infinite loop and the device to reboot. | |||||
| CVE-2019-5259 | 1 Huawei | 24 Ar120-s, Ar120-s Firmware, Ar1200 and 21 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). An attacker with low permissions can view some high-privilege information by running specific commands.Successful exploit could cause an information disclosure condition. | |||||
| CVE-2019-5258 | 1 Huawei | 34 Ap2000, Ap2000 Firmware, Espace U1981 and 31 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a buffer overflow vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal. | |||||
| CVE-2019-5257 | 1 Huawei | 34 Ap2000, Ap2000 Firmware, Espace U1981 and 31 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace) have a resource management vulnerability. An attacker who logs in to the board may send crafted messages from the internal network. | |||||
| CVE-2019-5256 | 1 Huawei | 34 Ap2000, Ap2000 Firmware, Espace U1981 and 31 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot. | |||||
| CVE-2019-5255 | 1 Huawei | 34 Ap2000, Ap2000 Firmware, Espace U1981 and 31 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a DoS vulnerability. An attacker may send crafted messages from a FTP client to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the system out-of-bounds read and result in a denial of service condition of the affected service. | |||||
| CVE-2019-5254 | 1 Huawei | 34 Ap2000, Ap2000 Firmware, Espace U1981 and 31 more | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
| Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal. | |||||
| CVE-2019-5253 | 1 Huawei | 2 E5572-855, E5572-855 Firmware | 2024-11-21 | 7.1 HIGH | 5.9 MEDIUM |
| E5572-855 with versions earlier than 8.0.1.3(H335SP1C233) has an improper authentication vulnerability. The device does not perform a sufficient authentication when doing certain operations, successful exploit could allow an attacker to cause the device to reboot after launch a man in the middle attack. | |||||
| CVE-2019-5252 | 1 Huawei | 12 Enjoy 8 Plus, Enjoy 8 Plus Firmware, Honor 8x and 9 more | 2024-11-21 | 3.6 LOW | 3.5 LOW |
| There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant. | |||||
| CVE-2019-5251 | 1 Huawei | 18 Enjoy 7s, Enjoy 7s Firmware, Honor 20s and 15 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a path traversal vulnerability in several Huawei smartphones. The system does not sufficiently validate certain pathnames from the application. An attacker could trick the user into installing, backing up and restoring a malicious application. Successful exploit could cause information disclosure. | |||||
| CVE-2019-5250 | 1 Huawei | 2 Mate 20 Pro, Mate 20 Pro Firmware | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3P1) have an improper authorization vulnerability. The software does not properly restrict certain operation of certain privilege, the attacker could trick the user into installing a malicious application before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function. | |||||
| CVE-2019-5248 | 1 Huawei | 2 Cloudengine 12800, Cloudengine 12800 Firmware | 2024-11-21 | 6.1 MEDIUM | 7.4 HIGH |
| CloudEngine 12800 has a DoS vulnerability. An attacker of a neighboring device sends a large number of specific packets. As a result, a memory leak occurs after the device uses the specific packet. As a result, the attacker can exploit this vulnerability to cause DoS attacks on the target device. | |||||
| CVE-2019-5247 | 1 Huawei | 4 Atlas 300, Atlas 300 Firmware, Atlas 500 and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Huawei Atlas 300, Atlas 500 have a buffer overflow vulnerability. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully exploit may cause service crash. | |||||