Filtered by vendor Huawei
Subscribe
Search
Total
578 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-37132 | 1 Huawei | 1 Harmonyos | 2022-01-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission. | |||||
| CVE-2021-37118 | 1 Huawei | 1 Harmonyos | 2022-01-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability.Successful exploitation of this vulnerability may lead to message leak. | |||||
| CVE-2021-37114 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-01-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-40007 | 1 Huawei | 2 Ecns280 Td, Ecns280 Td Firmware | 2021-12-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| There is an information leak vulnerability in eCNS280_TD V100R005C10SPC650. The vulnerability is caused by improper log output management. An attacker with the ability to access the log file of device may lead to information disclosure. | |||||
| CVE-2021-22337 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause leaking of user click data. | |||||
| CVE-2020-9146 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 1.9 LOW | 5.5 MEDIUM |
| A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios. | |||||
| CVE-2020-9148 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 2.1 LOW | 5.5 MEDIUM |
| An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages. | |||||
| CVE-2021-37029 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is an Identity verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. | |||||
| CVE-2021-22325 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is an Information Disclosure vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may result in video streams being intercepted during transmission. | |||||
| CVE-2021-37032 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Digital Balance to fail to work. | |||||
| CVE-2021-22316 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 4.6 MEDIUM | 6.8 MEDIUM |
| There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone. Attackers with physical access to the device can thereby exploit this vulnerability. A successful exploitation of this vulnerability can compromise the device's data security and functional availability. | |||||
| CVE-2020-9149 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 2.1 LOW | 5.5 MEDIUM |
| An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages. | |||||
| CVE-2021-37056 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is an Improper permission control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information. | |||||
| CVE-2021-37039 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2021-12-09 | 3.3 LOW | 6.5 MEDIUM |
| There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS. | |||||
| CVE-2021-37082 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| There is a Race Condition vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to motionhub crash. | |||||
| CVE-2021-37085 | 1 Huawei | 1 Harmonyos | 2021-12-09 | 7.1 HIGH | 5.9 MEDIUM |
| There is a Encoding timing vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of service. | |||||
| CVE-2021-37055 | 1 Huawei | 2 Emui, Magic Ui | 2021-12-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a Logic bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to obtain certain device information. | |||||
| CVE-2021-39995 | 1 Huawei | 4 Ecns280 Td, Ecns280 Td Firmware, Ese620x Vess and 1 more | 2021-11-30 | 6.8 MEDIUM | 6.5 MEDIUM |
| Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. | |||||
| CVE-2021-22356 | 1 Huawei | 12 Ips Module, Ips Module Firmware, Ngfw Module and 9 more | 2021-11-29 | 4.3 MEDIUM | 5.9 MEDIUM |
| There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is used in a module. Attackers can exploit this vulnerability by capturing and analyzing the messages between devices to obtain information. This can lead to information leak.Affected product versions include: IPS Module V500R005C00SPC100, V500R005C00SPC200; NGFW Module V500R005C00SPC100, V500R005C00SPC200; Secospace USG6300 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; Secospace USG6600 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200; USG9500 V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200. | |||||
| CVE-2021-37013 | 1 Huawei | 1 Harmonyos | 2021-11-29 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the availability of users is affected. | |||||
| CVE-2021-22410 | 1 Huawei | 2 Imaster Nce-fabric, Imaster Nce-fabric Firmware | 2021-11-24 | 3.5 LOW | 5.4 MEDIUM |
| There is a XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client. | |||||
| CVE-2021-37036 | 1 Huawei | 3 Ecns280 Td, Ecns280 Td Firmware, Fusioncompute | 2021-11-24 | 2.1 LOW | 5.5 MEDIUM |
| There is an information leakage vulnerability in FusionCompute 6.5.1, eCNS280_TD V100R005C00 and V100R005C10. Due to the improperly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause the information leak. | |||||
| CVE-2021-22456 | 1 Huawei | 1 Harmonyos | 2021-11-02 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable. | |||||
| CVE-2021-22459 | 1 Huawei | 1 Harmonyos | 2021-11-02 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable. | |||||
| CVE-2021-22460 | 1 Huawei | 1 Harmonyos | 2021-11-02 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism. | |||||
| CVE-2021-22455 | 1 Huawei | 1 Harmonyos | 2021-11-02 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released. | |||||
| CVE-2021-22475 | 1 Huawei | 2 Emui, Magic Ui | 2021-11-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-22482 | 1 Huawei | 2 Emui, Magic Ui | 2021-11-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is an Uninitialized variable vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of invalid data. | |||||
| CVE-2021-22490 | 1 Huawei | 2 Emui, Magic Ui | 2021-11-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a Permission verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect the device performance. | |||||
| CVE-2021-36987 | 1 Huawei | 2 Emui, Magic Ui | 2021-11-01 | 7.1 HIGH | 5.9 MEDIUM |
| There is a issue that nodes in the linked list being freed for multiple times in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause the system to restart. | |||||
| CVE-2021-36996 | 1 Huawei | 2 Emui, Magic Ui | 2021-11-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause transmission of certain virtual information. | |||||
| CVE-2021-36997 | 1 Huawei | 2 Emui, Magic Ui | 2021-11-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a Low memory error in Huawei Smartphone due to the unlimited size of images to be parsed.Successful exploitation of this vulnerability may cause the Gallery or Files app to exit unexpectedly. | |||||
| CVE-2021-36998 | 1 Huawei | 2 Emui, Magic Ui | 2021-11-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to read an array that is out of bounds. | |||||
| CVE-2021-22461 | 1 Huawei | 1 Harmonyos | 2021-11-01 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash. | |||||
| CVE-2021-22407 | 1 Huawei | 2 Emui, Magic Ui | 2021-11-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-22462 | 1 Huawei | 1 Harmonyos | 2021-11-01 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash. | |||||
| CVE-2021-22467 | 1 Huawei | 1 Harmonyos | 2021-11-01 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address. | |||||
| CVE-2021-22463 | 1 Huawei | 1 Harmonyos | 2021-11-01 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a Use After Free vulnerability . Local attackers may exploit this vulnerability to cause Kernel Information disclosure. | |||||
| CVE-2021-22471 | 1 Huawei | 1 Harmonyos | 2021-11-01 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash. | |||||
| CVE-2021-22466 | 1 Huawei | 1 Harmonyos | 2021-11-01 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash. | |||||
| CVE-2021-22450 | 1 Huawei | 1 Harmonyos | 2021-11-01 | 4.9 MEDIUM | 5.5 MEDIUM |
| A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory exhaustion. | |||||
| CVE-2021-22452 | 1 Huawei | 1 Harmonyos | 2021-10-29 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address. | |||||
| CVE-2021-37131 | 1 Huawei | 3 Imanager Neteco, Imanager Neteco 6000, Manageone | 2021-10-29 | 6.0 MEDIUM | 6.8 MEDIUM |
| There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device. | |||||
| CVE-2021-22404 | 1 Huawei | 2 Emui, Magic Ui | 2021-10-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-37124 | 1 Huawei | 2 Pc Smart Full Scene, Pcmanager | 2021-10-28 | 3.3 LOW | 6.5 MEDIUM |
| There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain path.Affected product versions include:PC Smart Full Scene 11.1 versions PCManager 11.1.1.97. | |||||
| CVE-2021-37122 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2021-10-28 | 3.3 LOW | 6.5 MEDIUM |
| There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800. | |||||
| CVE-2016-8769 | 1 Huawei | 1 Utps Firmware | 2021-08-27 | 7.2 HIGH | 6.7 MEDIUM |
| Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. An attacker may put an executable file in the search path of the affected service and obtain elevated privileges after the executable file is executed. | |||||
| CVE-2021-37028 | 1 Huawei | 2 Hg8045q, Hg8045q Firmware | 2021-08-25 | 6.9 MEDIUM | 6.7 MEDIUM |
| There is a command injection vulnerability in the HG8045Q product. When the command-line interface is enabled, which is disabled by default, attackers with administrator privilege could execute part of commands. | |||||
| CVE-2021-22295 | 1 Huawei | 1 Harmonyos | 2021-08-13 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler. | |||||
| CVE-2021-22400 | 1 Huawei | 2 Oxfords-an00a, Oxfords-an00a Firmware | 2021-08-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| Some Huawei Smartphones has an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected product include:OxfordS-AN00A 10.0.1.10(C00E10R1P1),10.0.1.105(C00E103R3P3),10.0.1.115(C00E110R3P3),10.0.1.123(C00E121R3P3),10.0.1.135(C00E130R3P3),10.0.1.135(C00E130R4P1),10.0.1.152(C00E140R4P1),10.0.1.160(C00E160R4P1),10.0.1.167(C00E166R4P1),10.0.1.173(C00E172R5P1),10.0.1.178(C00E175R5P1) and 10.1.0.202(C00E79R5P1). | |||||