Filtered by vendor Huawei
Subscriptions
Total
2198 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15311 | 1 Huawei | 8 Mate 10, Mate 10 Firmware, Mate 10 Pro and 5 more | 2025-04-20 | N/A |
| The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of parameter validation. An attacker could send malicious packets to the smart phones within radio range by special wireless device, which leads stack overflow when the baseband module handles these packets. The attacker could exploit this vulnerability to perform a denial of service attack or remote code execution in baseband module. | ||||
| CVE-2015-7842 | 1 Huawei | 20 Ch121 V3, Ch121 V3 Firmware, Ch220 V3 and 17 more | 2025-04-20 | N/A |
| Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC701, RH1288A V2 with software before V100R002C00SPC502, RH8100 V3 with software before V100R003C00SPC110, CH222 V3 with software before V100R001C00SPC161, CH220 V3 with software before V100R001C00SPC161, and CH121 V3 with software before V100R001C00SPC161 allow remote authenticated operators to change server information by leveraging failure to verify user permissions. | ||||
| CVE-2017-2701 | 1 Huawei | 2 Mate 9, Mate 9 Firmware | 2025-04-20 | N/A |
| Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application. Since the system does not verify the broadcasting message from the application, it could be exploited to cause some functions of system unavailable. | ||||
| CVE-2017-15318 | 1 Huawei | 10 Rp200, Rp200 Firmware, Te30 and 7 more | 2025-04-20 | N/A |
| RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote attacker could exploit these vulnerabilities by sending specially crafted SS7 related packets to the target devices. Successful exploit will cause out-of-bounds read and possibly crash the system. | ||||
| CVE-2017-15320 | 1 Huawei | 10 Rp200, Rp200 Firmware, Te30 and 7 more | 2025-04-20 | N/A |
| RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an out-of-bounds read vulnerabilities in some Huawei products. Due to insufficient input validation, a remote attacker could exploit these vulnerabilities by sending specially crafted SS7 related packets to the target devices. Successful exploit will cause out-of-bounds read and possibly crash the system. | ||||
| CVE-2017-15321 | 1 Huawei | 1 Fusionsphere Openstack | 2025-04-20 | N/A |
| Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) has an information leak vulnerability due to the use of a low version transmission protocol by default. An attacker could intercept packets transferred by a target device. Successful exploit could cause an information leak. | ||||
| CVE-2017-8171 | 1 Huawei | 2 P10 Plus, P10 Plus Firmware | 2025-04-20 | N/A |
| Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can perform some operations to bypass the Google account verification. As a result, the FRP function is bypassed. | ||||
| CVE-2017-2724 | 1 Huawei | 4 P10, P10 Firmware, P10 Plus and 1 more | 2025-04-20 | N/A |
| Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the next system reboot, causing continuous system reboot or arbitrary code execution. | ||||
| CVE-2022-46312 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-17 | 7.5 High |
| The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications. | ||||
| CVE-2022-46311 | 1 Huawei | 1 Harmonyos | 2025-04-17 | 7.5 High |
| The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity. | ||||
| CVE-2022-46328 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-17 | 7.5 High |
| Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2022-46327 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-17 | 9.8 Critical |
| Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause privilege escalation, which results in system service exceptions. | ||||
| CVE-2022-46316 | 1 Huawei | 1 Harmonyos | 2025-04-17 | 9.8 Critical |
| A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability. | ||||
| CVE-2022-46315 | 1 Huawei | 1 Harmonyos | 2025-04-17 | 7.5 High |
| The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. | ||||
| CVE-2022-46314 | 1 Huawei | 1 Harmonyos | 2025-04-17 | 7.5 High |
| The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. | ||||
| CVE-2022-46313 | 1 Huawei | 1 Harmonyos | 2025-04-17 | 5.3 Medium |
| The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone. | ||||
| CVE-2022-46310 | 1 Huawei | 1 Harmonyos | 2025-04-17 | 7.5 High |
| The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2021-46856 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-17 | 7.5 High |
| The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2022-46326 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-16 | 9.8 Critical |
| Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions. | ||||
| CVE-2022-46325 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-16 | 9.8 Critical |
| Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions. | ||||