Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

CVE
CVEadded 2018/03/09 9:0 p.m.54 views

CVE-2016-8786

CVE-2016-8786 affects multiple Huawei routing switches (e.g., S12700, S5700, S6700, S7700, S9700) across V200R005C00 to V200R008C00 revisions. The flaw is in RSVP packet handling due to insufficient input validation, enabling a remote attacker to trigger buffer overflows and cause occasional rebo...

7.8CVSS7.5AI score0.01831EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2017/11/22 7:29 p.m.1 views

CVE-2017-8136

HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak...

5.5CVSS5.9AI score0.00627EPSS
Exploits0References1
NVD
NVDadded 2017/11/22 7:29 p.m.16 views

CVE-2017-8139

HedEx Earlier than V200R006C00 versions have the stored cross-site scripting XSS vulnerability. Attackers can exploit the vulnerability to plant malicious scripts into the configuration file to interrupt the services of legitimate users...

6.1CVSS6.4AI score0.00529EPSS
Exploits0References1
NVD
NVDadded 2017/11/22 7:29 p.m.14 views

CVE-2017-8137

HedEx Earlier than V200R006C00 versions has a dynamic link library DLL hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking...

9.3CVSS7.8AI score0.00726EPSS
Exploits0References1
NVD
NVDadded 2017/11/22 7:29 p.m.12 views

CVE-2017-8136

HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak...

5.5CVSS6.2AI score0.00627EPSS
Exploits0References1
OSV
OSVadded 2017/11/22 7:29 p.m.1 views

CVE-2017-8138

HedEx Earlier than V200R006C00 versions has a cross-site request forgery CSRF vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper with configurations and interrupt normal services...

8.8CVSS5.7AI score0.00391EPSS
Exploits0References1
NVD
NVDadded 2017/11/22 7:29 p.m.15 views

CVE-2017-8138

HedEx Earlier than V200R006C00 versions has a cross-site request forgery CSRF vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper with configurations and interrupt normal services...

8.8CVSS8.8AI score0.00391EPSS
Exploits0References1
Prion
Prionadded 2017/11/22 7:29 p.m.13 views

Arbitrary file deletion

HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak...

4.3CVSS6.1AI score0.00627EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2017/11/22 7:29 p.m.15 views

Design/Logic Flaw

HedEx Earlier than V200R006C00 versions has a dynamic link library DLL hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability to tamper with the DLL file, leading to DLL hijacking...

9.3CVSS7.7AI score0.00726EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2017/11/22 7:29 p.m.17 views

Cross site scripting

HedEx Earlier than V200R006C00 versions have the stored cross-site scripting XSS vulnerability. Attackers can exploit the vulnerability to plant malicious scripts into the configuration file to interrupt the services of legitimate users...

4.3CVSS6.4AI score0.00529EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2017/11/22 7:29 p.m.16 views

Cross site request forgery (csrf)

HedEx Earlier than V200R006C00 versions has a cross-site request forgery CSRF vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper with configurations and interrupt normal services...

6.8CVSS8.7AI score0.00391EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2017/11/22 7:0 p.m.43 views

CVE-2017-8138

Huawei HedEx (Huawei Electronic Documentation Explorer), versions earlier than V200R006C00, suffer a cross-site request forgery (CSRF) vulnerability. An attacker can entice a logged-in user to access a malicious page, causing unauthorized configuration changes and potential service disruption. Th...

8.8CVSS8.6AI score0.00391EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2017/11/22 7:0 p.m.18 views

CVE-2017-8136

HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak...

6.2AI score0.00627EPSS
Exploits0References1
CVE
CVEadded 2017/11/22 7:0 p.m.45 views

CVE-2017-8137

Huawei HedEx (HedEx Lite) prior to V200R006C00 suffers a DLL hijacking vulnerability caused by calling a DLL via a relative path. The issue enables tampering with the DLL file and is described for HedEx products in CVE-2017-8137. Affected versions are earlier than V200R006C00; Huawei’s advisory r...

9.3CVSS7.4AI score0.00726EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2017/11/22 7:0 p.m.15 views

CVE-2017-8138

HedEx Earlier than V200R006C00 versions has a cross-site request forgery CSRF vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper with configurations and interrupt normal services...

8.8AI score0.00391EPSS
Exploits0References1
CNVD
CNVDadded 2017/06/01 12:0 a.m.3 views

Huawei HedEx Lite Cross-Site Scripting Vulnerability

Huawei HedEx Lite is a document management software from Huawei China. A cross-site scripting vulnerability exists in versions prior to Huawei HedEx Lite V200R006C00. A remote attacker can exploit this vulnerability to embed malicious scripts into the device's configuration file and interfere wit...

6.1CVSS6.2AI score0.00529EPSS
Exploits0References1
CNVD
CNVDadded 2017/06/01 12:0 a.m.4 views

Huawei HedEx Lite DLL Hijacking Vulnerability

Huawei HedEx Lite is a document management software from Huawei China. A DLL hijacking vulnerability exists in Huawei HedEx Lite versions prior to V200R006C00, which originates from accessing a relative path to call a DLL file during HedEx operation. A remote attacker could exploit this...

9.3CVSS6.7AI score0.00726EPSS
Exploits0References1
NVD
NVDadded 2017/04/02 8:59 p.m.25 views

CVE-2016-8797

Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software...

7.5CVSS7.5AI score0.00874EPSS
Exploits0References1
OSV
OSVadded 2017/04/02 8:59 p.m.4 views

CVE-2016-8275

Huawei AnyOffice V200R006C00 could allow an authenticated, remote attacker to cause the software to deny services by uploading an XML bomb...

6.5CVSS5.8AI score
Exploits0References2
Prion
Prionadded 2017/04/02 8:59 p.m.18 views

Design/Logic Flaw

Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software...

5CVSS7.2AI score0.00874EPSS
Exploits0References1Affected Software9
Rows per page
Query Builder