Filtered by vendor Huawei
Subscribe
Total
1888 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-7947 | 1 Huawei | 2 Emily-al00a, Emily-al00a Firmware | 2024-02-28 | 4.4 MEDIUM | 3.9 LOW |
| Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. An attacker could trick the user to connect to a malicious device. In the debug mode, the malicious software in the device may exploit the vulnerability to bypass some specific function. Successful exploit may cause some malicious applications to be installed in the mobile phones. | |||||
| CVE-2018-7934 | 1 Huawei | 2 Mate 10 Pro, Mate 10 Pro Firmware | 2024-02-28 | 7.1 HIGH | 5.5 MEDIUM |
| Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C432) have a denial of service (DoS) vulnerability because they do not adapt to specific screen gestures. An attacker may trick users into installing a malicious app. As a result, apps running on the frontend crash after the users make specific screen gestures. | |||||
| CVE-2018-7937 | 1 Huawei | 4 Hirouter-cd20, Hirouter-cd20 Firmware, Ws5200-10 and 1 more | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
| In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. An attacker may tamper with a legitimate plug-in to build a malicious plug-in and trick users into installing it. Successful exploit could allow the attacker to obtain the root permission of the device and take full control over the device. | |||||
| CVE-2018-7961 | 1 Huawei | 2 Emily-al00a, Emily-al00a Firmware | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a smart SMS verification code vulnerability in some Huawei smart phones. An attacker should trick a user to access malicious Website or malicious App and register. Due to incorrect processing of the smart SMS verification code, successful exploitation can cause sensitive information leak. | |||||
| CVE-2018-7946 | 1 Huawei | 4 Honor 7a, Honor 7a Firmware, Honor 9 Lite and 1 more | 2024-02-28 | 1.9 LOW | 4.3 MEDIUM |
| There is an information leak vulnerability in some Huawei smartphones. An attacker may do some specific configuration in the smartphone and trick a user into inputting some sensitive information. Due to improper design, successful exploit may cause some information leak. | |||||
| CVE-2018-7925 | 1 Huawei | 2 Emily-al00a, Emily-al00a Firmware | 2024-02-28 | 4.6 MEDIUM | 6.8 MEDIUM |
| The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen by exploit this vulnerability. | |||||
| CVE-2018-7977 | 1 Huawei | 1 Fusionsphere Openstack | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| There is an information leakage vulnerability on several Huawei products. Due to insufficient communication protection for specific services, a remote, unauthorized attacker can exploit this vulnerability to connect to specific services to obtain additional information. Successful exploitation of this vulnerability can lead to information leakage. | |||||
| CVE-2018-7926 | 1 Huawei | 2 Watch 2, Watch 2 Firmware | 2024-02-28 | 2.1 LOW | 4.6 MEDIUM |
| Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Due to improper permission configuration for specific operations, an attacker who obtained the Huawei ID bound to the watch can bypass permission verification to perform specific operations and modify some data on the watch. | |||||
| CVE-2018-7992 | 1 Huawei | 8 Mate 9, Mate 9 Firmware, Mate 9 Pro and 5 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 Pro versions earlier than 8.0.0.356(C00); P10 Plus versions earlier than 8.0.0.357(C00) has a buffer overflow vulnerability. The driver does not sufficiently validate the input, an attacker could trick the user to install a malicious application which would send crafted parameters to the driver. Successful exploit could cause a denial of service condition. | |||||
| CVE-2018-7922 | 1 Huawei | 2 Alp-l09, Alp-l09 Firmware | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
| Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. An attacker tricks the user who has root privilege to install a crafted application, the application may modify the specific data to exploit the vulnerability. Successful exploit could allow the attacker to execute arbitrary code. | |||||
| CVE-2018-7929 | 1 Huawei | 2 Mate Rs, Mate Rs Firmware | 2024-02-28 | 4.6 MEDIUM | 6.8 MEDIUM |
| Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. An attacker could unlock and use the phone through certain operations. | |||||
| CVE-2018-7923 | 1 Huawei | 2 Alp-l09, Alp-l09 Firmware | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
| Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. An attacker tricks the user who has root privilege to install a crafted application, the application may modify the specific data to exploit the vulnerability. Successful exploit could allow the attacker to execute arbitrary code. | |||||
| CVE-2018-7990 | 1 Huawei | 2 Mate 10 Pro, Mate 10 Pro Firmware | 2024-02-28 | 4.9 MEDIUM | 4.6 MEDIUM |
| Mate10 Pro Huawei smart phones with the versions before 8.1.0.326(C00) have a FRP bypass vulnerability. During the mobile phone reseting process, an attacker could bypass "Find My Phone" protect after a series of voice and keyboard operations. Successful exploit could allow an attacker to bypass FRP. | |||||
| CVE-2018-7924 | 1 Huawei | 2 Anne-al00, Anne-al00 Firmware | 2024-02-28 | 2.1 LOW | 2.4 LOW |
| Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone. | |||||
| CVE-2017-17312 | 1 Huawei | 8 Usg2205bsr, Usg2205bsr Firmware, Usg2220bsr and 5 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may sent crafted packets to the affected device to exploit these vulnerabilities. Successful exploit the vulnerability could lead to device deny of service. | |||||
| CVE-2017-17305 | 1 Huawei | 8 Usg2205bsr, Usg2205bsr Firmware, Usg2220bsr and 5 more | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
| Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by leveraging a Bleichenbacher RSA padding oracle. Cause a Bleichenbacher oracle attack. Successful exploit this vulnerability can impact IPSec tunnel security. | |||||
| CVE-2018-7910 | 1 Huawei | 10 Alp-al00b, Alp-al00b Firmware, Alp-tl00b and 7 more | 2024-02-28 | 4.6 MEDIUM | 6.8 MEDIUM |
| Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432), 8.0.0.137(C432) have an authentication bypass vulnerability. When the attacker obtains the user's smartphone, the vulnerability can be used to replace the start-up program so that the attacker can obtain the information in the smartphone and achieve the purpose of controlling the smartphone. | |||||
| CVE-2018-7938 | 1 Huawei | 2 P10, P10 Firmware | 2024-02-28 | 4.3 MEDIUM | 3.3 LOW |
| P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 have an information leak vulnerability due to the lack of permission validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can read some hardware serial number, which may cause sensitive information leak. | |||||
| CVE-2018-7907 | 1 Huawei | 38 Agassi-l09, Agassi-l09 Firmware, Agassi-w09 and 35 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D001, AGS-W09C794B001CUSTC794D001, Baggio2-U01A BG2-U01C100B160CUSTC100D001, BG2-U01C170B160CUSTC170D001, BG2-U01C199B162CUSTC199D001, BG2-U01C209B160CUSTC209D001, BG2-U01C333B160CUSTC333D001, Bond-AL00C Bond-AL00CC00B201, Bond-AL10B Bond-AL10BC00B201, Bond-TL10B Bond-TL10BC01B201, Bond-TL10C Bond-TL10CC01B131, Haydn-L1JB HDN-L1JC137B068, Kobe-L09A KOB-L09C100B252CUSTC100D001, KOB-L09C209B002CUSTC209D001, KOB-L09C362B001CUSTC362D001, Kobe-L09AHN KOB-L09C233B226, Kobe-W09C KOB-W09C128B251CUSTC128D001, LelandP-L22C 8.0.0.101(C675CUSTC675D2), LelandP-L22D 8.0.0.101(C675CUSTC675D2), Rhone-AL00 Rhone-AL00C00B186, Selina-L02 Selina-L02C432B153, Stanford-L09S Stanford-L09SC432B183, Toronto-AL00 Toronto-AL00C00B223, Toronto-AL00A Toronto-AL00AC00B223, Toronto-TL10 Toronto-TL10C01B223 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Due to insufficient verification of the input, successful exploitation can cause sensitive information leak. | |||||
| CVE-2018-7936 | 1 Huawei | 2 Mate 10 Pro, Mate 10 Pro Firmware | 2024-02-28 | 4.9 MEDIUM | 4.6 MEDIUM |
| Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can connect the phone with PC and send special instructions to install third party desktop and disable the boot wizard. As a result, the FRP function is bypassed. | |||||