Lucene search
+L

78 matches found

Cvelist
Cvelist
added 2017/04/02 8:0 p.m.25 views

CVE-2014-8570

Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S127...

5.2AI score0.00605EPSS
Exploits0References1
CVE
CVE
added 2017/04/02 8:0 p.m.62 views

CVE-2014-8572

CVE-2014-8572 affects Huawei VRP-based devices (e.g., AC6605, ACU, S2300/S3300/S2700/S3700, S5300/S5700/S6300/S6700, S7700/S9300/S9300E/S9700) where the SSH server processes a message without valid checksums, allowing remote attackers to send a crafted SSH packet to cause a denial of service. Con...

7.8CVSS7.4AI score0.00943EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/04/02 8:0 p.m.68 views

CVE-2014-8570

The CVE-2014-8570 entry maps to a Huawei VRP information-leak vulnerability where MPLS LSP Ping binds to unnecessary interfaces, enabling leakage of device IP addresses. Affected Huawei VRP-equipped devices include S-series and S9300/S9700 families across multiple software train versions (e.g., V...

5.3CVSS5.2AI score0.00605EPSS
Exploits0References1Affected Software1
Huawei
Huawei
added 2017/01/18 12:0 a.m.37 views

Security Advisory - EFM Flapping Vulnerability in Huawei Products

Some Huawei VRP-based products have an Ethernet in the First Mile EFM flapping vulnerability due to the lack of type-length-value TLV consistency check. An attacker may craft malformed packets and send them to a device to cause EFM flapping. Vulnerability ID: HWPSIRT-2016-09025 This vulnerability...

5.3CVSS5.2AI score0.01125EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/12/28 12:0 a.m.42 views

Security Advisory - Input Validation Vulnerability in Huawei VRP Platform

There is an input validation vulnerability in some Huawei devices using VRP. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using VRP, causing the device to display additional memory data and possibly leading to sensitive information leakag...

4.3CVSS4.5AI score0.00827EPSS
Exploits0Affected Software4
OpenVAS
OpenVAS
added 2016/07/29 12:0 a.m.22 views

Huawei VRP Detection (SNMP)

SNMP based detection of Huawei Versatile Routing Platform VRP devices. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7.1AI score
Exploits0References1
CNVD
CNVD
added 2016/05/26 12:0 a.m.5 views

Denial of Service Vulnerability in Multiple Huawei Products (CNVD-2016-03649)

Huawei AC6605 and others are wireless access controller products from Huawei, China. A security vulnerability exists in the SSH module of several Huawei products, which originates from the program processing a message without valid checksums for a field in the message content. An attacker could...

7.8CVSS6.7AI score0.00943EPSS
Exploits0References1
seebug.org
seebug.org
added 2016/01/26 12:0 a.m.33 views

Huawei VRP telnet 弱口令

No description provided by source...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2015/02/09 6:50 p.m.47 views

Internet Bug Bounty: Use After Free in Flash MessageChannel.send can cause arbitrary code execution

Sending messages between workers while having the animation reloaded can cause an object to be freed while a reference remains in memory. An attacker can use this issue to control eip and potentially execute arbitrary code. Identified as CVE-2015-0320, and reported to Adobe via Chrome VRP:...

10CVSS6.7AI score0.09983EPSS
Exploits0
Hacker One
Hacker One
added 2015/02/09 6:44 p.m.55 views

Internet Bug Bounty: Use after free during the StageVideoAvailabilityEvent can result in arbitrary code execution

An attacker can register the StageVideoAvailabilityEvent and have the SWF movie reloaded at the same time with LoadMovie. During this process, an object may be freed allowing the attacker to take control of the code flow. Identified as CVE-2015-0315, and reported to Adobe via Chrome VRP:...

10CVSS6.5AI score0.09619EPSS
Exploits0
Hacker One
Hacker One
added 2015/02/09 6:36 p.m.47 views

Internet Bug Bounty: Race condition in workers may cause an exploitable double free by abusing bytearray.compress()

The issue occurs while sharing a bytearray between two workers. If one worker calls bytearray.compress while the other uses that bytearray, Flash does not correctly handle the race and may double free the array. Identified as CVE-2015-0312, and reported to Adobe via Chrome VRP:...

9.3CVSS6.3AI score0.07078EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/12/17 12:0 a.m.15 views

Information Leakage Vulnerability via MPLS Ping in Huawei VRP Platform (HWPSIRT-2014-0418)

The firmware version of the remote host is affected by an information disclosure vulnerability. The MPLS LSP ping service is bound to unnecessary interfaces which may allow a remote attacker to determine IP addresses of devices. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.5AI score
Exploits0References1
Hacker One
Hacker One
added 2014/11/24 8:10 a.m.55 views

Internet Bug Bounty: Race condition in Flash workers may cause an exploitabl​e double free

The issue occurs while sharing a bytearray between two workers. If both call bytearray.clear at the same time, Flash does not correctly handle the race and may double free the array. Indentified as CVE-2014-0574, and reported to Adobe via Chrome VRP:...

10CVSS6.2AI score0.0826EPSS
Exploits0
Huawei
Huawei
added 2014/10/10 12:0 a.m.41 views

Security Advisory-VRP SSH Denial of Service Vulnerability

The SSH of the VRP has an input verification issue. Remote attackers can send a special SSH packet to the device to cause a denial of service Vulnerability ID: HWPSIRT-2014-0701. This Vulnerability has been assigned Common Vulnerabilities and Exposures CVE ID: CVE-2014-8572...

7.8CVSS7.1AI score0.00943EPSS
Exploits0Affected Software14
Huawei
Huawei
added 2014/09/24 12:0 a.m.41 views

Security Advisory-Information Leakage Vulnerability via MPLS Ping in VRP Platform

VRP Versatile Routing Platform has been developed by Huawei to provide improved IP routing services. The VRP has been widely applied to network devices, including high-end and low-end switches and routers, wireless and transmission devices. Information leakage vulnerability exists in several...

5.3CVSS5.3AI score0.00605EPSS
Exploits0Affected Software26
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2014/03/14 12:0 a.m.64 views

Stable Channel Update for Chrome OS

The Stable channel has been updated to 33.0.1750.152 Platform version: 5116.115.4/5116.115.5 for all devices. This build contains security fixes for Pwnium. Systems will be receiving the updates over the next few days. Security Fixes and Rewards Congratulations to geohot for an epic Pwnium...

10CVSS10AI score0.04822EPSS
Exploits6Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/02/01 12:0 a.m.9 views

Huawei VRP Compliance Checks

Binary data huaweicompliancecheck.nbin...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2012/08/10 7:59 p.m.8 views

Researchers uncover security holes in China-based Huawei routers

Routers made by China-based Huawei Technologies have very few modern security protections and easy-to-find vulnerabilities, two network-security experts stated at the Defcon hacking convention. Huawei is one of the fastest-growing network and telecommunications equipment makers in the world. The...

7.2AI score
Exploits0
Rows per page
Query Builder