CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenVAS•added 2019/11/14 12:0 a.m.•19 views

Huawei Data Communication: Memory Leak Vulnerability in Some Huawei Products (huawei-sa-20191023-01-memory)

Some Huawei products have a memory leak vulnerability when handling some messages. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if descripti...

6.5CVSS6.5AI score0.00365EPSS

OpenVAS•added 2019/11/01 12:0 a.m.•22 views

Huawei Data Communication: Out-Of-Bound Read Vulnerability in Some Huawei Products (huawei-sa-20191023-01-buffer)

There is an out of bound read vulnerability in some Huawei products. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7.5CVSS7.6AI score0.00615EPSS

Prion•added 2018/04/24 3:29 p.m.•15 views

Null pointer dereference

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20,...

5CVSS7.4AI score0.00148EPSS

Exploits0References1Affected Software45

NVD•added 2018/04/24 3:29 p.m.•17 views

CVE-2017-17257

7.5CVSS7.4AI score0.00265EPSS

CVE-2017-17253

7.5CVSS5.8AI score

5.3CVSS5.8AI score0.00154EPSS

CVE-2017-17251

7.5CVSS5.8AI score0.00147EPSS

CVE-2017-17258

CVE-2017-17254

7.5CVSS5.8AI score

Cvelist•added 2018/04/24 3:0 p.m.•16 views

CVE-2017-17258

7.5AI score0.00147EPSS

Cvelist•added 2018/04/24 3:0 p.m.•18 views

CVE-2017-17251

6.2AI score0.00154EPSS

NVD•added 2018/02/15 4:29 p.m.•17 views

CVE-2017-17291

5.5CVSS5.3AI score0.00021EPSS

Prion•added 2018/02/15 4:29 p.m.•24 views

Memory corruption

5CVSS5.3AI score0.00229EPSS

Exploits0References1Affected Software43

Prion•added 2018/02/15 4:29 p.m.•15 views

Input validation

2.1CVSS4.4AI score0.00023EPSS

Exploits0References1Affected Software26

Prion•added 2018/02/15 4:29 p.m.•14 views

Buffer overflow

Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C02, AR200...

7.1CVSS6.1AI score0.00265EPSS

Exploits0References1Affected Software17

Cvelist•added 2018/02/15 4:0 p.m.•16 views

CVE-2017-17294

4.4AI score0.00023EPSS

CVE•added 2018/02/15 4:0 p.m.•57 views

CVE-2017-17160

The CVE-2017-17160 issue is a buffer overflow in multiple Huawei enterprise routers (e.g., AR, AR1200/120-S/150/160/200-series, SRG, NetEngine16EX, etc.) caused by incomplete input range checks. An unauthenticated, remote attacker can send malicious IKE packets to the device, potentially writing ...

7.1CVSS6.1AI score0.00265EPSS

CVE•added 2018/02/15 4:0 p.m.•59 views

CVE-2017-17287

The CVE-2017-17287 issue affects a broad set of Huawei devices (AR/AR1200, AR150/AR160/AR200 families, NetEngine16EX, SRG/SRG-like series, etc.) and is tied to an out-of-bounds read triggered by insufficient input validation when processing crafted signatures. The vulnerability allows a remote, u...

5.3CVSS5.2AI score0.00162EPSS

CVE•added 2018/02/15 4:0 p.m.•53 views

CVE-2017-17299

CVE-2017-17299 affects multiple Huawei router-like devices (e.g., AR120-S/AR1200/AR150/AR160/AR200/AR2200/AR3200/AR3600/AR510, IPS/NIP/NetEngine16EX, and related models) where an unauthenticated, remote attacker can establish via crafted IKEv2 messages due to insufficient input validation. The un...

7.5CVSS7.4AI score0.00147EPSS

CVE•added 2018/02/15 4:0 p.m.•45 views

CVE-2017-17295

CVE-2017-17295 describes buffer overflow vulnerabilities in numerous Huawei products caused by insufficient validation of SIP package values. An unauthenticated, remote attacker may send crafted SIP packages to affected devices (e.g., AR120-S, AR1200, AR150/AR200 families and others listed) to tr...

5.3CVSS5.6AI score0.00162EPSS