Filtered by vendor Huawei
Subscribe
Total
1915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8138 | 1 Huawei | 1 Hedex Lite | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper with configurations and interrupt normal services. | |||||
| CVE-2017-8137 | 1 Huawei | 1 Hedex Lite | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking. | |||||
| CVE-2017-8136 | 1 Huawei | 1 Hedex Lite | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak. | |||||
| CVE-2017-8135 | 1 Huawei | 1 Fusionsphere Openstack | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. | |||||
| CVE-2017-8134 | 1 Huawei | 1 Fusionsphere Openstack | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. | |||||
| CVE-2017-8133 | 1 Huawei | 1 Neteco | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Huawei iManager NetEco with software V600R008C00 and V600R008C10 has a command injection vulnerability. An authenticated, remote attacker could exploit this vulnerability to send malicious packets to a target device. Successful exploit could enable a low privileged user to execute commands that a high privileged user could execute, causing the files to be tampered with or deleted. | |||||
| CVE-2017-8132 | 1 Huawei | 1 Fusionsphere Openstack | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. | |||||
| CVE-2017-8131 | 1 Huawei | 1 Fusionsphere Openstack | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. | |||||
| CVE-2017-8130 | 1 Huawei | 1 Uma | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. | |||||
| CVE-2017-8129 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
| CVE-2017-8128 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
| CVE-2017-8127 | 1 Huawei | 1 Uma | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks. | |||||
| CVE-2017-8126 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
| CVE-2017-8125 | 1 Huawei | 1 Uma | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks. | |||||
| CVE-2017-8124 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
| CVE-2017-8123 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
| CVE-2017-8122 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
| CVE-2017-8121 | 1 Huawei | 1 Uma | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. | |||||
| CVE-2017-8120 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||
| CVE-2017-8119 | 1 Huawei | 1 Uma | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. | |||||