Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1785 | 1 Huawei | 8 Honor 10, Honor 10 Firmware, Honor V10 and 5 more | 2021-07-21 | 7.1 HIGH | 5.5 MEDIUM |
| Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of service vulnerability. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone. | |||||
| CVE-2020-1791 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2021-07-21 | 2.1 LOW | 2.4 LOW |
| HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system has a logic judging error under certain scenario, successful exploit could allow the attacker to switch to third desktop after a series of operation in ADB mode. | |||||
| CVE-2020-1797 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2021-07-21 | 2.1 LOW | 2.4 LOW |
| HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system does not properly restrict certain operation in ADB mode, successful exploit could allow certain user break the limit of digital balance function. | |||||
| CVE-2020-1800 | 1 Huawei | 2 P30, P30 Firmware | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P11) have an improper access control vulnerability. The software incorrectly restricts access to a function interface from an unauthorized actor, the attacker tricks the user into installing a crafted application, successful exploit could allow the attacker do certain unauthenticated operations. | |||||
| CVE-2020-1807 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2021-07-21 | 3.6 LOW | 3.5 LOW |
| HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper authorization vulnerability. The software does not properly restrict certain user's modification of certain configuration file, successful exploit could allow the attacker to bypass app lock after a series of operation in ADB mode. | |||||
| CVE-2020-1809 | 1 Huawei | 2 Mate 10, Mate 10 Firmware | 2021-07-21 | 2.1 LOW | 4.6 MEDIUM |
| HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability. The attacker could wake up voice assistant then do a series of crafted voice operation, successful exploit could allow the attacker read certain files without unlock the phone leading to information disclosure. | |||||
| CVE-2020-1816 | 1 Huawei | 6 Nip6800, Nip6800 Firmware, Secospace Usg6600 and 3 more | 2021-07-21 | 4.3 MEDIUM | 7.5 HIGH |
| Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a Denial of Service (DoS) vulnerability. Due to improper processing of specific IPSEC packets, remote attackers can send constructed IPSEC packets to affected devices to exploit this vulnerability. Successful exploit could cause the IPSec function of the affected device abnormal. | |||||
| CVE-2020-1835 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2021-07-21 | 3.3 LOW | 6.5 MEDIUM |
| HUAWEI Mate 30 with versions earlier than 10.1.0.126(C00E125R5P3) have an information disclosure vulnerability. A logic judgment error occurs when the system handling Bluetooth connections, an attacker could craft as an authenticated Bluetooth peer to launch the attack. Successful exploit could cause information disclosure. | |||||
| CVE-2020-1836 | 1 Huawei | 4 P30, P30 Firmware, P30 Pro and 1 more | 2021-07-21 | 2.9 LOW | 5.3 MEDIUM |
| HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure. | |||||
| CVE-2020-1817 | 1 Huawei | 1 Pcmanager | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| Huawei PCManager with versions earlier than 10.0.1.36 has a privilege escalation vulnerability. Due to improper permission management of specific files, local attackers with low permissions can inject commands to exploit this vulnerability. Successful exploit may cause privilege escalation. | |||||
| CVE-2020-1837 | 1 Huawei | 2 Changxiang 8 Plus, Changxiang 8 Plus Firmware | 2021-07-21 | 2.9 LOW | 5.3 MEDIUM |
| ChangXiang 8 Plus with versions earlier than 9.1.0.136(C00E121R1P6T8) have a denial of service vulnerability. The device does not properly handle certain message from base station, the attacker could craft a fake base station to launch the attack. Successful exploit could cause a denial of signal service condition. | |||||
| CVE-2020-1843 | 1 Huawei | 10 Hege-560, Hege-560 Firmware, Osca-550 and 7 more | 2021-07-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), OSCA-550A version 1.0.0.71(SP1), OSCA-550AX version 1.0.0.71(SP2), and OSCA-550X version 1.0.0.71(SP2) have an insufficient verification vulnerability. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation. | |||||
| CVE-2020-1841 | 1 Huawei | 8 Cloudlink Board, Cloudlink Board Firmware, Dp300 and 5 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6500 versions V100R001C00, V500R002C00, and V500R002C00SPC900; and TE60 versions V500R002C00, V600R006C00, V600R006C00SPC200, V600R006C00SPC300, V600R006C10, V600R019C00, and V600R019C00SPC100 have an information leak vulnerability. An unauthenticated, remote attacker can make a large number of attempts to guess information. Successful exploitation may cause information leak. | |||||
| CVE-2020-1844 | 1 Huawei | 1 Pcmanager | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| PCManager with versions earlier than 10.0.5.51 have a privilege escalation vulnerability in Huawei PCManager products. An authenticated, local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. | |||||
| CVE-2020-1845 | 1 Huawei | 1 Pcmanager | 2021-07-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Huawei PCManager product with versions earlier than 10.0.5.53 have a local privilege escalation vulnerability. An authenticated, local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. | |||||
| CVE-2020-1848 | 1 Huawei | 2 Jackman-al00d, Jackman-al00d Firmware | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| There is a resource management error vulnerability in Jackman-AL00D versions 8.2.0.185(C00R2P1). Local attackers construct malicious application files, causing system applications to run abnormally. | |||||
| CVE-2020-1855 | 1 Huawei | 12 Hege-560, Hege-560 Firmware, Hege-570 and 9 more | 2021-07-21 | 3.6 LOW | 6.1 MEDIUM |
| Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21(SP3) have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal. | |||||
| CVE-2020-1856 | 1 Huawei | 12 Ngfw Module, Ngfw Module Firmware, Nip6300 and 9 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Huawei NGFW Module, NIP6300, NIP6600, Secospace USG6500, Secospace USG6600, and USG9500 versions V500R001C30, V500R001C60, and V500R005C00 have an information leakage vulnerability. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage. | |||||
| CVE-2020-1857 | 1 Huawei | 6 Nip6800, Nip6800 Firmware, Secospace Usg6600 and 3 more | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have an information leakage vulnerability. Due to improper processing of some data, a local authenticated attacker can exploit this vulnerability through a series of operations. Successful exploitation may cause information leakage. | |||||
| CVE-2020-1860 | 1 Huawei | 6 Nip6800, Nip6800 Firmware, Secospace Usg6600 and 3 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the access control to be bypassed, and attackers can directly access the Internet. | |||||