Filtered by vendor Huawei
Subscribe
Total
1888 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5246 | 1 Huawei | 2 Elle-al00b, Elle-al00b Firmware | 2024-02-28 | 4.6 MEDIUM | 6.2 MEDIUM |
| Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0.113(C00E110R1P21), 9.1.0.125(C00E120R1P21), 9.1.0.135(C00E130R1P21), 9.1.0.153(C00E150R1P21), 9.1.0.155(C00E150R1P21), 9.1.0.162(C00E160R2P1) have an insufficient verification vulnerability. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack. Successful exploit could cause DOS or malicious code execution. | |||||
| CVE-2019-5271 | 1 Huawei | 2 Myna, Myna Firmware | 2024-02-28 | 4.8 MEDIUM | 5.4 MEDIUM |
| There is an information leak vulnerability in Huawei smart speaker Myna. When the smart speaker is paired with the cloud through Wi-Fi, the speaker incorrectly processes some data. Attackers can exploit this vulnerability to read and modify specific configurations of speakers through a series of operations. | |||||
| CVE-2019-5291 | 1 Huawei | 36 Ar120-s, Ar120-s Firmware, Ar1200 and 33 more | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. | |||||
| CVE-2020-1812 | 1 Huawei | 2 P30, P30 Firmware | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| HUAWEI P30 smartphones with versions earlier than 10.0.0.173(C00E73R1P11) have an improper authentication vulnerability. Due to improperly validation of certain application, an attacker should trick the user into installing a malicious application to exploit this vulnerability. Successful exploit could allow the attacker to bypass the authentication to perform unauthorized operations. | |||||
| CVE-2020-1810 | 1 Huawei | 6 Cloudengine 12800, Cloudengine 12800 Firmware, S5700 and 3 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a weak algorithm vulnerability in some Huawei products. The affected products use the RSA algorithm in the SSL key exchange algorithm which have been considered as a weak algorithm. Attackers may exploit this vulnerability to leak some information. | |||||
| CVE-2019-5289 | 1 Huawei | 1 Manageone | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit of this vulnerability could allow the attacker to crash the database on the standby node. | |||||
| CVE-2019-5224 | 1 Huawei | 2 P30, P30 Firmware | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21) have an out of bounds read vulnerability. The system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause out of bounds read and information disclosure. | |||||
| CVE-2019-5247 | 1 Huawei | 4 Atlas 300, Atlas 300 Firmware, Atlas 500 and 1 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| Huawei Atlas 300, Atlas 500 have a buffer overflow vulnerability. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully exploit may cause service crash. | |||||
| CVE-2020-1827 | 1 Huawei | 6 Nip6800, Nip6800 Firmware, Secospace Usg6600 and 3 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage. | |||||
| CVE-2020-1786 | 1 Huawei | 2 Mate 20 Pro, Mate 20 Pro Firmware | 2024-02-28 | 2.1 LOW | 4.6 MEDIUM |
| HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69R3P8) have an improper authentication vulnerability. The software does not sufficiently validate the name of apk file in a special condition which could allow an attacker to forge a crafted application as a normal one. Successful exploit could allow the attacker to bypass digital balance function. | |||||
| CVE-2019-5233 | 1 Huawei | 2 Taurus-al00b, Taurus-al00b Firmware | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. Successful exploitation may cause the attacker to access specific components. | |||||
| CVE-2020-1785 | 1 Huawei | 8 Honor 10, Honor 10 Firmware, Honor V10 and 5 more | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
| Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of service vulnerability. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone. | |||||
| CVE-2019-5288 | 1 Huawei | 2 P30, P30 Firmware | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
| P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters to the camera program to exploit this vulnerability. Successful exploit could cause the program to break down or allow for arbitrary code execution. | |||||
| CVE-2019-5211 | 1 Huawei | 2 P20, P20 Firmware | 2024-02-28 | 4.3 MEDIUM | 5.7 MEDIUM |
| The Huawei Share function of P20 phones with versions earlier than Emily-L29C 9.1.0.311 has an improper file management vulnerability. The attacker tricks the victim to perform certain operations on the mobile phone during file transfer. Because the file is not properly processed, successfully exploit may cause some files on the victim's mobile phone are deleted. | |||||
| CVE-2020-1791 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2024-02-28 | 2.1 LOW | 2.4 LOW |
| HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system has a logic judging error under certain scenario, successful exploit could allow the attacker to switch to third desktop after a series of operation in ADB mode. | |||||
| CVE-2019-5263 | 1 Huawei | 2 Hisuite, Hwbackup | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei smartphone user backup information can be obtained by brute forcing the password for encrypting the backup. | |||||
| CVE-2019-5272 | 1 Huawei | 2 Usg9500, Usg9500 Firmware | 2024-02-28 | 4.0 MEDIUM | 4.9 MEDIUM |
| USG9500 with versions of V500R001C30;V500R001C60 have a missing integrity checking vulnerability. The software of the affected products does not check the integrity which may allow an attacker with high privilege to make malicious modifications without detection. | |||||
| CVE-2020-1853 | 1 Huawei | 1 Gaussdb 200 | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| GaussDB 200 with version of 6.5.1 have a path traversal vulnerability. Due to insufficient input path validation, an authenticated attacker can traverse directories and download files to a specific directory. Successful exploit may cause information leakage. | |||||
| CVE-2020-1857 | 1 Huawei | 6 Nip6800, Nip6800 Firmware, Secospace Usg6600 and 3 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. Due to improper processing of some data, a local authenticated attacker can exploit this vulnerability through a series of operations. Successful exploitation may cause information leakage. | |||||
| CVE-2019-5225 | 1 Huawei | 6 Mate 20, Mate 20 Firmware, P30 and 3 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), versions earlier than Hima-AL00B 9.1.0.135(C00E200R2P1), versions earlier than VOGUE-AL00A 9.1.0.193(C00E190R1P12) have a buffer overflow vulnerability on several , the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause malicious code execution. | |||||