Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A bind authentication bypass vulnerability exists in Huawei HarmonyOS devicemanager, which can be exploited by an attacker to compromise confidentiality...

PT-2025-32029 · Unknown · Devicemanager Module

Name of the Vulnerable Software and Affected Versions: devicemanager module affected versions not specified Description: A binding authentication bypass issue exists in the devicemanager module. Successful exploitation of this issue may affect service confidentiality. Recommendations: At the...

The vulnerability of the DeviceManager component in the Visteon Infotainment automotive application platform allows a hacker to execute arbitrary SQL code within the root context.

The vulnerability of the DeviceManager component in the Visteon Infotainment automotive application platform relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL code within the root context...

CVE-2024-8355

Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment system. Authentication is not required to exploit this vulnerability. The...

CVE-2024-8355

The CVE-2024-8355 entry covers a SQL injection in Visteon Infotainment System DeviceManager’s iAP Serial Number handling. The flaw occurs when parsing the iAP Serial number, where an attacker can inject SQL via an unsafely constructed query string, allowing code execution with root privileges on ...

CVE-2024-8355 Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability

Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment system. Authentication is not required to exploit this vulnerability. The...

(0Day) Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Visteon Infotainment system. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DeviceManager. When parsing the iAP Serial number, the proce...

Huawei OceanStor UDS DeviceManager Information Disclosure Vulnerability

Huawei OceanStor UDS is a high-density storage node and distributed storage system based on ARM architecture from Huawei, China.DeviceManager is one of the device management tools. A security vulnerability exists in DeviceManager in Huawei OceanStor UDS V100R002C01SPC101 and earlier versions. A...

Design/Logic Flaw

The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript...

CVE-2015-2251

The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript...

CVE-2015-2251

The CVE describes an information-disclosure vulnerability in Huawei OceanStor UDS DeviceManager. A remote attacker could obtain sensitive data by injecting JavaScript into a patch loaded by DeviceManager. Affected software: Huawei OceanStor UDS devices with DeviceManager before V100R002C01SPC102....

CVE-2015-2251

The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript...

Security Advisory - Multiple Injection Vulnerabilities in UDS

The OceanStor UDS has some vulnerability: Attacker injects JavaScript into patch. After the patch is loaded through the OceanStor DeviceManager, the returned content contains the injected script. After the script is parsed and executed on the OceanStor DeviceManager, information leak occurs...

Design/Logic Flaw

Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager allows local users to obtain authentication information via unspecified vectors...

CVE-2007-1853

Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager allows local users to obtain authentication information via unspecified vectors...

CVE-2007-1853

Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager allows local users to obtain authentication information via unspecified vectors...

CVE-2007-1853

Technical details about CVE-2007-1853 are not publicly provided in the supplied documents; no affected products, root cause, vectors, or fixes are stated. Monitor for updates.