Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

104 matches found

Prion
Prionadded 2018/02/15 4:29 p.m.17 views

Buffer overflow

The Common Open Policy Service Protocol COPS module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, NIP6300 V500R001C00, V500R001C20,...

5CVSS5.5AI score0.00162EPSS
Exploits0References1Affected Software19
Prion
Prionadded 2018/02/15 4:29 p.m.16 views

Input validation

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

5CVSS7.3AI score0.00182EPSS
Exploits0References1Affected Software8
Prion
Prionadded 2018/02/15 4:29 p.m.13 views

Input validation

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

5CVSS7.3AI score0.00182EPSS
Exploits0References1Affected Software8
Prion
Prionadded 2018/02/15 4:29 p.m.12 views

Buffer overflow

The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20,...

5CVSS5.4AI score0.0019EPSS
Exploits0References1Affected Software26
Prion
Prionadded 2018/02/15 4:29 p.m.24 views

Memory corruption

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20,...

5CVSS5.3AI score0.00229EPSS
Exploits0References1Affected Software43
Prion
Prionadded 2018/02/15 4:29 p.m.15 views

Design/Logic Flaw

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

4.3CVSS6.2AI score0.00182EPSS
Exploits0References1Affected Software8
Prion
Prionadded 2018/02/15 4:29 p.m.17 views

Buffer overflow

The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20,...

5CVSS5.4AI score0.0019EPSS
Exploits0References1Affected Software26
CVE
CVEadded 2018/02/15 4:0 p.m.48 views

CVE-2017-17157

Huawei IKEv2 protocol implementation in multiple product lines (IPS/NGFW/NIP/USG/Secospace) contains a memory out-of-bounds access vulnerability due to insufficient input validation (CVE-2017-17157). The issue arises when processing IKEv2 messages, potentially leading to system exceptions. Affect...

7.5CVSS7.3AI score0.00182EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2018/02/15 4:0 p.m.48 views

CVE-2017-17155

The CVE-2017-17155 entry concerns an out-of-bounds memory access in IKEv2 implementations across Huawei devices (IPS Module, NGFW, NIP6300/6600, Secospace USG/USG6500/USG6600, etc.). The root cause is improper handling of a 4-byte alignment on MIPS architectures, allowing an attacker to access me...

7.5CVSS7.3AI score0.00182EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2018/02/15 4:0 p.m.17 views

CVE-2017-17152

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

6.5AI score0.00182EPSS
Exploits0References1
CVE
CVEadded 2018/02/15 4:0 p.m.49 views

CVE-2017-15332

CVE-2017-15332 corresponds to a memory-leak vulnerability in the H323 protocol across multiple Huawei products (e.g., AR, ARS, SRG, NetEngine, Secospace USG, etc.). The issue arises from insufficient verification/checks of H323 packets, allowing an unauthenticated, remote attacker to send crafted...

5.3CVSS5.3AI score0.00336EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2018/02/15 4:0 p.m.14 views

CVE-2017-17155

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

7.4AI score0.00182EPSS
Exploits0References1
CVE
CVEadded 2018/02/15 4:0 p.m.53 views

CVE-2017-17299

CVE-2017-17299 affects multiple Huawei router-like devices (e.g., AR120-S/AR1200/AR150/AR160/AR200/AR2200/AR3200/AR3600/AR510, IPS/NIP/NetEngine16EX, and related models) where an unauthenticated, remote attacker can establish via crafted IKEv2 messages due to insufficient input validation. The un...

7.5CVSS7.4AI score0.00147EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2018/02/15 4:0 p.m.46 views

CVE-2017-17152

CVE-2017-17152 affects Huawei IPS/NIP/NGFW/SecOS products (multiple V500R001Cxx variants) with an out-of-bounds write in the IKEv2 protocol implementation caused by insufficient input validation. The issue can trigger memory corruption and may lead to system exceptions. Huawei’s security advisory...

5.9CVSS6.1AI score0.00182EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2018/02/15 4:0 p.m.16 views

CVE-2017-17157

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

7.4AI score0.00182EPSS
Exploits0References1
Cvelist
Cvelistadded 2018/02/15 4:0 p.m.18 views

CVE-2017-17156

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

7.4AI score0.00182EPSS
Exploits0References1
CVE
CVEadded 2018/02/15 4:0 p.m.46 views

CVE-2017-17156

CVE-2017-17156 affects Huawei IPS/NGFW/NIP6300/6600 and Secospace USG platforms. The vulnerability is an out-of-bounds memory access in the IKEv2 protocol implementation caused by insufficient input validation, which could be exploited by crafted packets to trigger memory access errors and system...

7.5CVSS7.3AI score0.00182EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2018/02/15 4:0 p.m.45 views

CVE-2017-17295

CVE-2017-17295 describes buffer overflow vulnerabilities in numerous Huawei products caused by insufficient validation of SIP package values. An unauthenticated, remote attacker may send crafted SIP packages to affected devices (e.g., AR120-S, AR1200, AR150/AR200 families and others listed) to tr...

5.3CVSS5.6AI score0.00162EPSS
Exploits0References1Affected Software1
CNVD
CNVDadded 2017/12/08 12:0 a.m.2 views

PEM module heap overflow vulnerability in multiple Huawei products

Huawei DP300, IPS Module, and NGFW Module are all products of Huawei China. A heap overflow vulnerability exists in the PEM module of multiple Huawei products, which can be exploited by an authenticated local attacker to launch a denial-of-service attack by constructing a malicious certificate th...

5.5CVSS6.8AI score0.00016EPSS
Exploits0References1
CNVD
CNVDadded 2017/12/07 12:0 a.m.1 views

IKEv2 protocol memory out-of-bounds access vulnerability in multiple Huawei products (CNVD-2017-38287)

Huawei IPS Module, NGFW Module, NIP6300/6600 series products and Secospace USG series are the new generation of professional intrusion prevention and firewall products launched by Huawei for enterprise, IDC, campus network and carrier customers. A memory out-of-bounds access vulnerability exists ...

7.5CVSS6.8AI score0.00182EPSS
Exploits0References1
Rows per page
Query Builder