Dp300,te60,tp3106,espace U1981 Security Vulnerabilities
An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access.....
7.2AI Score
0.003EPSS
The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH...
7.2AI Score
0.003EPSS
An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access.....
6.7AI Score
0.003EPSS
The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH...
6.6AI Score
0.003EPSS
Vulnerable URL: http://www.rts.ch/audio/audio/espace-2/programmes/entre-les-lignes/7225854-florian-eglin-holocauste-18-11-2015.html?x">x=1 Details: Description| Value ---|--- Patched:| Yes, at 12.04.2016 Latest check for patch:| 12.04.2016 02:05 GMT Vulnerability type:| XSS Vulnerability status:...
6.3AI Score
Security Advisory - DoS Vulnerability in Huawei U2990 and U2980
Huawei U2990 and U2980 have a DoS vulnerability caused by no error correction mechanism when handling specific signaling packets. An attacker can send malformed packets to cause a denial of service condition in some services of the U2990 and U2980. (Vulnerability ID: HWPSIRT-2015-09025) This...
0.6AI Score
0.002EPSS
Security Advisory - DoS Vulnerability in Huawei eSpace 8950 IP Phone
When Huawei eSpace 8950 IP phone receive some type of malicious ARP packets, memory leak may occur on the network interface card. When the memory is overloaded by such packets, the IP phone restarts (Vulnerability ID: HWPSIRT-2015-08041). This vulnerability has been assigned Common Vulnerabilities....
7.5CVSS
7.2AI Score
0.002EPSS
Security Advisory - DoS Vulnerability in Huawei U2990 and U2980
Huawei U2990 and U2980 have a DoS vulnerability caused by no error correction mechanism when handling specific signaling packets. An attacker can send malformed packets to cause a denial of service condition in some services of the U2990 and U2980. (Vulnerability ID: HWPSIRT-2015-09025) This...
7.4AI Score
0.002EPSS
espace-recettes.fr XSS vulnerability
Vulnerable URL: http://www.espace-recettes.fr/user/password/">'>-->); Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 23:39 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 36616 Google Pagerank| 2 VIP w...
6.3AI Score
Vulnerable URL: http://www.eternam.fr/index.phtml?srub=24&lng;=FR&actionespaceclient;=1&ClientActionLogin;=chargement&BackToUrl;=votre-espace-membre-_l_FR_r_25.html&CLIKEO;_EMAIL=%22%3E%3Cscript%3Ealert%28%27XSSPOSED%27%29%3C%2Fscript%3E&CLIKEO;_MDP=%22%3E%3Cscript%3Ealert&TentaviveLoginClient;= .....
6.3AI Score
Medium Alert ID: 41908 First Published: 2015 November 3 20:21 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID19129) may contain the following...
0.4AI Score
Vulnerable URL: https://www.net-iris.fr/espace-client/identification.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 30533 Google Pagerank| 6 VIP website status:| Yes Check...
6.3AI Score
espace-aubade.fr XSS vulnerability
Vulnerable URL: https://www.espace-aubade.fr/recherche?recherche=%22%3E%3Csvg/onload=alert%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 19:52 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...
6.3AI Score
espace-recettes.fr XSS vulnerability
Vulnerable URL: http://www.espace-recettes.fr/search/tmrc_solr_recipe/%22%3E%3Csvg/onload=alert%28/XSSPOSED/%29%3E?filters=type%3Arecipes Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 23:18 GMT Vulnerability type:| XSS Vulnerability status:|...
6.3AI Score
chiens-online.com XSS vulnerability
Vulnerable URL: http://www.chiens-online.com/identification-espace-membre.html#signupForm Details: Description| Value ---|--- Patched:| Yes, at 23.11.2017 Latest check for patch:| 23.11.2017 08:43 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 185849 Google...
6.3AI Score
espace-recettes.fr XSS vulnerability
Vulnerable URL: http://www.espace-recettes.fr/search/tmrc_solr_recipe/%22%3E%3Csvg/onload%3Dalert%28/XSSPOSED/%29%3E?filters=type%3Arecipes Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 23:16 GMT Vulnerability type:| XSS Vulnerability...
6.3AI Score
espace-toner.fr XSS vulnerability
Vulnerable URL: http://www.espace-toner.fr/unsubscribe/index.php?email=%27%22%3E%3E%3C/title%3E%27%22%3ESCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28/XSSPOSED/%29%3C/SCRIPT%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability...
6.3AI Score
Security Advisory - Bar Mitzvah Attack Vulnerability in Huawei Products
A security vulnerability exists in Rivest Cipher 4 (RC4) used by TLS and SSL protocols. RC4 cannot provide sufficient data protection. After listening to an SSL or TLS connection, an attacker can obtain plaintext data by brute force cracking. This vulnerability is also called Bar Mitzvah....
5.2AI Score
0.003EPSS
Security Advisory - DoS Vulnerability in Huawei U1900 CLI Module
Huawei eSpace U1900 switch series provides professional IP voice solutions to meet communications requirements from various enterprises of different sizes. Huawei eSpace U1900 series includes eSpace U1910, U1911, U1930, U1960, U1980, and U1981. The U1900 series uses the Command Line Interface...
6.8AI Score
Security Advisory - DoS Vulnerability in Huawei U1900 Products
Huawei eSpace U1900 switch series provides professional IP voice solutions to meet communications requirements from various enterprises of different sizes. Huawei eSpace U1900 series includes eSpace U1910, U1911, U1930, U1960, U1980, and U1981. A vulnerability exists in a module of U1900 series....
6.5AI Score
Security Advisory - Stagefright Vulnerability in Multiple Huawei Android Products
The Stagefright media player engine in Android OS has multiple vulnerabilities, which can be exploited to remotely execute code in affected devices. (Vulnerability ID: HWPSIRT-2015-07056, HWPSIRT-2015-07057, HWPSIRT-2015-07058, HWPSIRT-2015-07059, HWPSIRT-2015-07060, HWPSIRT-2015-07061 and...
6.5AI Score
0.954EPSS
0.6AI Score
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
4.8AI Score
0.003EPSS
Threat Outbreak Alert RuleID14123: Email Messages Distributing Malicious Software on March 20, 2015
Medium Alert ID: 37966 First Published: 2015 March 20 12:57 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat (RuleID14123) may contain the following...
0.2AI Score
Security Advisory - NTPd Security Vulnerability in Multiple Huawei Products
Huawei was notified about information released by NTP.org and CERT/CC regarding stack buffer overflow security vulnerabilities (CVE-2014-9295) in NTP daemon (ntpd) on December 19th, 2014. Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary.....
2.3AI Score
0.966EPSS
Security Advisory - Glibc Buffer Overflow Vulnerability
Huawei noticed that Qualys had disclosed the buffer overflow in the GNU C Library (glibc) on January 27th, 2015, Applications call various gethostbyname function are affected and attackers can exploit this vulnerability to perform remote code execution. (Vulnerability ID: HWPSIRT-2015-01045) This.....
8AI Score
0.975EPSS
The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted...
6.2AI Score
0.001EPSS
The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted...
6AI Score
0.001EPSS
The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified...
6.2AI Score
0.001EPSS
The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified...
6.1AI Score
0.001EPSS
Multiple untrusted search path vulnerabilities in Huawei eSpace Desktop before V200R003C00 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc71enu.dll, (2) mfc71loc.dll, (3) tcapi.dll, or (4)...
7.3AI Score
0.001EPSS
Multiple untrusted search path vulnerabilities in Huawei eSpace Desktop before V200R003C00 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc71enu.dll, (2) mfc71loc.dll, (3) tcapi.dll, or (4)...
7.4AI Score
0.001EPSS
Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES...
6.1AI Score
0.0004EPSS
Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES...
6AI Score
0.0004EPSS
Multiple untrusted search path vulnerabilities in Huawei eSpace Desktop before V200R003C00 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc71enu.dll, (2) mfc71loc.dll, (3) tcapi.dll, or (4)...
7.8AI Score
0.001EPSS
The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted...
6.6AI Score
0.001EPSS
The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified...
6.6AI Score
0.001EPSS
Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES...
6.5AI Score
0.0004EPSS
Multiple untrusted search path vulnerabilities in Huawei eSpace Desktop before V200R003C00 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc71enu.dll, (2) mfc71loc.dll, (3) tcapi.dll, or (4)...
7.3AI Score
0.001EPSS
The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted...
6AI Score
0.001EPSS
The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified...
6AI Score
0.001EPSS
Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES...
5.9AI Score
0.0004EPSS
Security Advisory-Multiple Vulnerabilities in Huawei eSpace Desktop Product
Huawei eSpace Desktop products have the following vulnerabilities: 1) The program does not implement comprehensive validity check on the QES file imported into the system, causing the system to exit unexpectedly. (Vulnerability ID: HWPSIRT-2014-1151) This vulnerability has been assigned Common...
1.8AI Score
0.001EPSS
Security Advisory-SSLv3 POODLE Vulnerability in Huawei Products
The SSLv3 protocol supported by some Huawei products has the so-called Padding Oracle On Downgraded Legacy Encryption (POODLE) vulnerability. The attacker can launch a man-in-the-middle attack to manipulate the TLS negotiation process so that the communication parties use SSLv3, which has...
3.4CVSS
2.4AI Score
0.975EPSS
Security Advisory-Bash Code Injection Vulnerability
This security advisory (SA) describes the impact of 6 Bash vulnerabilities discovered in third-party software (Vulnerability ID: HWPSIRT-2014-0951). 1.OS Command Injections vulnerability (CVE-2014-6271). GNU Bash through 4.3 processes trailing strings after function definitions in the values of...
9.8CVSS
4AI Score
0.976EPSS
Security Advisory-9 OpenSSL vulnerabilities on Huawei products
This security advisory (SA) describes the impact of 9 OpenSSL vulnerabilities discovered in third-party software. (Vulnerability ID: HWPSIRT-2014-0816) These vulnerabilities are referenced in this document as follows: 1.Information leak in pretty printing functions (CVE-2014-3508). A flaw in...
1AI Score
0.928EPSS
0.1AI Score
7.1AI Score
0.2AI Score
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
Description GNU Bash is prone to remote code execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Advantech EKI-1320 1.98 ...
1.5AI Score
0.976EPSS