45 matches found
CVE-2021-22361
There is an improper authorization vulnerability in eCNS280 V100R005C00, V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200. A file access is not authorized correctly. Attacker with low access may launch privilege escalation in a specific scenario. This may compromise the normal...
EUVD-2021-26355
Malware in sbrugna...
EUVD-2021-9511
Malicious code in bioql PyPI...
EUVD-2021-9507
Malicious code in bioql PyPI...
EUVD-2021-9529
Malicious code in bioql PyPI...
EUVD-2021-9512
Malicious code in bioql PyPI...
CVE-2021-22366
There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a function that handles an internal message contains an out-of-bounds read vulnerability. An attacker could crafted messages between system process,...
CVE-2021-39999
There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition...
CVE-2021-22383
There is an out-of-bounds read vulnerability in eCNS280TD V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a message-handling function that contains an out-of-bounds read vulnerability. An attacker can exploit this vulnerability by...
CVE-2021-22365
There is an out of bounds read vulnerability in eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. A local attacker can exploit this vulnerability by sending specific message to the target device. Due to insufficient validation of internal message, successful exploit may cause...
CVE-2021-39999
There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition...
CVE-2021-39999
There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition...
Buffer overflow
There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition...
CVE-2021-39999
There is a buffer overflow in Huawei eSE620X vESS (V100R001C10SPC200 and V100R001C20SPC200) caused by insufficient packet validation, allowing a remote attacker to trigger a denial-of-service by sending a crafted message. Connected advisories confirm Huawei has released software updates to fix th...
CVE-2021-39999
There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition...
Huawei ESE620X vESS 缓冲区错误漏洞
Huawei ESE620X vESS is a virtual enterprise service controller from Huawei, China. It provides voice, video, trunking communications and industry-related services. A buffer error vulnerability exists in the Huawei eSE620X vESS, which arises from the product not adequately validating packet conten...
CVE-2021-39995
Some Huawei products use the OpenHpi software for hardware management. A function that parses data returned by OpenHpi contains an out-of-bounds read vulnerability that could lead to a denial of service. Affected product versions include: eCNS280TD V100R005C10; eSE620X vESS V100R001C10SPC200,...
CVE-2021-39995
The CVE-2021-39995 issue affects Huawei devices using OpenHpi for hardware management. A parsing function on data returned by OpenHpi has an out-of-bounds read that can lead to a denial of service. Affected products and versions include: eCNS280_TD V100R005C10; eSE620X vESS V100R001C10SPC200, V10...
CVE-2021-22396
There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful exploit will cause privilege escalation.Affected product versions include:eCNS280...
CVE-2021-22396
Affecting Huawei products (eCNS280_TD V100R005C00/C10; eSE620X vESS V100R001C10SPC200/V100R001C20SPC200), CVE-2021-22396 is a local privilege-escalation vulnerability caused by improper privilege management. A local attacker with basic privileges can access certain files, enabling privilege escal...