Filtered by vendor Huawei
Subscribe
Total
1604 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-9105 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2020-10-26 | 4.6 MEDIUM | 6.7 MEDIUM |
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to access and modify the memory of the device by doing a series of operations. Successful exploit may cause the service abnormal. | |||||
CVE-2020-9123 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2020-10-26 | 6.8 MEDIUM | 7.8 HIGH |
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution. | |||||
CVE-2020-9113 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2020-10-22 | 5.4 MEDIUM | 8.0 HIGH |
HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth messages after successful paring, causing buffer overflow. Successful exploit may cause code execution. | |||||
CVE-2020-9263 | 1 Huawei | 4 Mate 30, Mate 30 Firmware, P30 and 1 more | 2020-10-22 | 6.8 MEDIUM | 7.8 HIGH |
HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with common privilege, successful exploit could cause code execution. | |||||
CVE-2020-9238 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2020-10-16 | 3.3 LOW | 6.5 MEDIUM |
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device. | |||||
CVE-2020-9122 | 1 Huawei | 14 Hirouter-cd30-10, Hirouter-cd30-10 Firmware, Hirouter-ct31-10 and 11 more | 2020-10-16 | 3.3 LOW | 6.5 MEDIUM |
Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version 10.0.1.9;WS5281-10 version 10.0.5.10;WS5800-10 version 10.0.3.25;WS7100-10 version 10.0.5.21;WS7200-10 version 10.0.5.21. | |||||
CVE-2020-9087 | 1 Huawei | 2 Taurus-al00a, Taurus-al00a Firmware | 2020-10-16 | 2.1 LOW | 5.5 MEDIUM |
Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in XFRM module. An authenticated, local attacker may perform a specific operation to exploit this vulnerability. Due to insufficient validation of the parameters, which may be exploited to cause information leak. | |||||
CVE-2020-9091 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2020-10-16 | 2.1 LOW | 5.5 MEDIUM |
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out-of-bounds read and write vulnerability. Some functions do not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device. | |||||
CVE-2020-9230 | 1 Huawei | 2 Ws5800-10, Ws5800-10 Firmware | 2020-10-16 | 3.3 LOW | 6.5 MEDIUM |
WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of specific message, an attacker may exploit this vulnerability to cause specific function to become abnormal. | |||||
CVE-2020-9108 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2020-10-16 | 7.1 HIGH | 5.5 MEDIUM |
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot. | |||||
CVE-2020-9107 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2020-10-16 | 7.1 HIGH | 5.5 MEDIUM |
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the process reboot. | |||||
CVE-2020-9240 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2020-10-16 | 2.1 LOW | 5.5 MEDIUM |
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device. | |||||
CVE-2020-9084 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2020-09-29 | 4.6 MEDIUM | 6.5 MEDIUM |
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a use-after-free (UAF) vulnerability. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service. | |||||
CVE-2020-9095 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2020-08-25 | 2.1 LOW | 5.5 MEDIUM |
HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause integer overflow. This can compromise normal service. | |||||
CVE-2020-9096 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2020-08-25 | 2.1 LOW | 5.5 MEDIUM |
HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound read vulnerability. Some functions are lack of verification when they process some messages sent from other module. Attackers can exploit this vulnerability by send malicious message to cause out-of-bound read. This can compromise normal service. | |||||
CVE-2020-9104 | 1 Huawei | 2 P30, P30 Firmware | 2020-08-25 | 3.3 LOW | 4.3 MEDIUM |
HUAWEI P30 smartphones with Versions earlier than 10.1.0.123(C431E22R2P5),Versions earlier than 10.1.0.123(C432E22R2P5),Versions earlier than 10.1.0.126(C10E7R5P1),Versions earlier than 10.1.0.126(C185E4R7P1),Versions earlier than 10.1.0.126(C461E7R3P1),Versions earlier than 10.1.0.126(C605E19R1P3),Versions earlier than 10.1.0.126(C636E7R3P4),Versions earlier than 10.1.0.128(C635E3R2P4),Versions earlier than 10.1.0.160(C00E160R2P11),Versions earlier than 10.1.0.160(C01E160R2P11) have a denial of service vulnerability. In specific scenario, due to the improper resource management and memory leak of some feature, the attacker could exploit this vulnerability to cause the device reset. | |||||
CVE-2019-5281 | 1 Huawei | 2 Y9 2019, Y9 2019 Firmware | 2020-08-24 | 2.1 LOW | 4.6 MEDIUM |
There is an information leak vulnerability in some Huawei phones, versions earlier than Jackman-L21 8.2.0.155(C185R1P2). When a local attacker uses the camera of a smartphone, the attacker can exploit this vulnerability to obtain sensitive information by performing a series of operations. | |||||
CVE-2017-8214 | 1 Huawei | 18 Honor 8, Honor 8 Firmware, Honor 9 and 15 more | 2020-08-24 | 7.2 HIGH | 6.2 MEDIUM |
Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions earlier than KNT-AL10C00B391, versions earlier than KNT-AL20C00B391, versions earlier than KNT-UL10C00B391, versions earlier than KNT-TL10C00B391, versions earlier than Stanford-AL00C00B175, versions earlier than Stanford-AL10C00B175, versions earlier than Stanford-TL00C01B175, versions earlier than Duke-AL20C00B191, versions earlier than Duke-TL30C01B191, versions earlier than Picasso-AL00C00B162, versions earlier than Picasso-TL00C01B162 , versions earlier than Barca-AL00C00B162, versions earlier than Barca-TL00C00B162, versions earlier than EVA-AL10C00B396SP03, versions earlier than EVA-CL00C92B396, versions earlier than EVA-DL00C17B396, versions earlier than EVA-TL00C01B396 , versions earlier than Vicky-AL00AC00B172, versions earlier than Toronto-AL00AC00B191, versions earlier than Toronto-TL10C01B191 have an unlock code verification bypassing vulnerability. An attacker with the root privilege of a mobile can exploit this vulnerability to bypass the unlock code verification and unlock the mobile phone bootloader. | |||||
CVE-2017-8216 | 1 Huawei | 2 P10 Lite, P10 Lite Firmware | 2020-08-24 | 7.1 HIGH | 5.5 MEDIUM |
Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Due to improper authorization on specific processes, an attacker with the root privilege of a mobile Android system can exploit this vulnerability to obtain some information of the user. | |||||
CVE-2018-7942 | 1 Huawei | 14 1288h V5, 1288h V5 Firmware, 2288h V5 and 11 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. An unauthenticated, remote attacker may send some specially crafted messages to the affected products. Due to improper authentication design, successful exploit may cause some information leak. |