Filtered by vendor Huawei
Subscribe
Total
1604 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22449 | 1 Huawei | 1 Elf-g10hn | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the target device. | |||||
| CVE-2021-37091 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. | |||||
| CVE-2021-39994 | 1 Huawei | 1 Emui | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| There is an arbitrary address access vulnerability with the product line test code.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. | |||||
| CVE-2021-37109 | 1 Huawei | 1 Emui | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| There is a security protection bypass vulnerability with the modem.Successful exploitation of this vulnerability may cause memory protection failure. | |||||
| CVE-2021-22309 | 1 Huawei | 8 Usg9500, Usg9500 Firmware, Usg9520 and 5 more | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions V500R001C30SPC200, V500R001C60SPC500,V500R005C00SPC200;USG9520 versions V500R005C00;USG9560 versions V500R005C00;USG9580 versions V500R005C00. | |||||
| CVE-2020-9213 | 1 Huawei | 16 Ngfw Module, Ngfw Module Firmware, Nip6300 and 13 more | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft many specific packets. Successful exploit may cause some services to be abnormal. Affected products include some versions of NGFW Module, NIP6300, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, Secospace USG6600 and SG9500. | |||||
| CVE-2021-36986 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions. | |||||
| CVE-2021-39986 | 1 Huawei | 1 Emui | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-22453 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 2.1 LOW | 3.3 LOW |
| A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash. | |||||
| CVE-2021-22446 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
| There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset. | |||||
| CVE-2021-22409 | 1 Huawei | 1 Manageone | 2022-07-12 | 3.5 LOW | 5.3 MEDIUM |
| There is a denial of service vulnerability in some versions of ManageOne. There is a logic error in the implementation of a function of a module. When the service pressure is heavy, there is a low probability that an exception may occur. Successful exploit may cause some services abnormal. | |||||
| CVE-2021-22324 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality. | |||||
| CVE-2021-40046 | 1 Huawei | 1 Pcmanager | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| PCManager versions 11.1.1.95 has a privilege escalation vulnerability. Successful exploit could allow the attacker to access certain resource beyond its privilege. | |||||
| CVE-2021-22314 | 1 Huawei | 1 Manageone | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| There is a local privilege escalation vulnerability in some versions of ManageOne. A local authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service. | |||||
| CVE-2021-39972 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. | |||||
| CVE-2021-46742 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 6.4 MEDIUM | 9.1 CRITICAL |
| The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability. | |||||
| CVE-2021-39991 | 1 Huawei | 1 Emui | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-40044 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.8 MEDIUM | 8.8 HIGH |
| There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations. | |||||
| CVE-2021-37038 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-22292 | 1 Huawei | 2 Ecns280, Ecns280 Firmware | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
| There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS. | |||||