Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
added 2017/12/20 12:0 a.m.27 views

Security Advisory - Improper Resource Management Vulnerability on Huawei Smartphones

There is an improper resource management vulnerability on Huawei smartphones. The software does not properly manage the resource when do device register operation. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could cause certain service...

5.5CVSS5.4AI score0.0055EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/12/13 12:0 a.m.27 views

Security Advisory - Multiple Vulnerabilities in Some Huawei Products

There is a memory leak vulnerability in some Huawei products. An authenticated, local attacker may craft a specific XML file to the affected products. Due to not free the memory to parse the XML file, successful exploit will result in memory leak of the affected products. Vulnerability ID:...

5.5CVSS4.3AI score0.00211EPSS
Exploits0Affected Software26
Huawei
Huawei
added 2017/11/20 12:0 a.m.27 views

Security Advisory - Multiple Security Vulnerabilities in Huawei iReader

Huawei iReader app has three security vulnerabilities. The app has an input validation vulnerability due to insufficient validation on the URL used for loading network data. An attacker can control app access and load malicious websites created by the attacker, and the code in webpages would be...

8.8CVSS7.1AI score0.00976EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/09/27 12:0 a.m.27 views

Security Advisory - Improper Authorization Vulnerability in Some Huawei Products

Some Huawei products have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine VM processes to exhaust system resources. Successful exploit could make new VMs...

6.5CVSS6.4AI score0.00199EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/09/08 12:0 a.m.27 views

Security Advisory - MITM Vulnerability in Huawei Themes App in Some Mobile Phones

The Themes App in some Huawei mobile phones has a man-in-the-middle MITM vulnerability due to the use of the insecure HTTP protocol for theme download. An attacker may exploit this vulnerability to tamper with downloaded themes. Vulnerability ID: HWPSIRT-2017-06263 This vulnerability has been...

5.3CVSS5.1AI score0.00379EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/08/16 12:0 a.m.27 views

Security Advisory - Lack of Signature Verification Vulnerability in Some Huawei APP

Some Huawei APP do not support signature verification for APK file. An attacker could exploit this vulnerability to hijack the APK and upload modified APK file. Successful exploit could lead to the APP is hijacking. Vulnerability ID: HWPSIRT-2017-07089 This vulnerability has been assigned a Commo...

5.3CVSS5.2AI score0.00489EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/06/28 12:0 a.m.27 views

Security Advisory - DoS Vulnerability of isub Service in Some Huawei Smartphones

Isub service has a denial of service DoS vulnerability in some Huawei smart phones due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can send given parameter to specific interface, which make a...

7.1CVSS5.3AI score0.00628EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2017/05/17 12:0 a.m.27 views

Security Advisory - DoS Vulnerability in Some Huawei Products

There is a DoS Vulnerability in some Huawei products. Due to the lack of adequate input validation, the attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS attacks. Vulnerability ID: HWPSIRT-2017-02118 This vulnerability has been assigned a Comm...

7.5CVSS7.1AI score0.00935EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2017/04/05 12:0 a.m.27 views

Authentication Bypass Vulnerability in Huawei SkyTone

Huawei SkyTone products have an authentication bypass vulnerability. An unauthenticated attacker may craft specific message to the affected products' server. Due to insufficient authentication, the attacker may bypass the authentication and make some functions abnormal. Vulnerability ID:...

8.8CVSS8.9AI score0.00923EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/12/14 12:0 a.m.27 views

Security Advisory - DoS Vulnerability in Huawei Firewall

There is a denial of service DoS vulnerability in Huawei firewalls due to no memory release after the execution of a specific command. A remote attacker with specific permission can log in to a device and deliver a large number of such commands to exhaust memory, causing a DoS condition...

6.5CVSS6.5AI score0.01253EPSS
Exploits2Affected Software3
Huawei
Huawei
added 2016/07/13 12:0 a.m.27 views

Security Advisory - Input Validation Vulnerability in WiFi Driver of Huawei Smart Phone

There is an input validation vulnerability in the WiFi driver of some Huawei products. An attacker may trick a user into installing a malicious application, and the application can send given parameter to WiFi driver to crash the system or escalate user privilege. Vulnerability ID:...

7CVSS7AI score0.0025EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/07/08 12:0 a.m.27 views

Security Advisory - Two Buffer Overflow Vulnerabilities in Wi-Fi Driver of Huawei Smart Phone

Wi-Fi driver of some Huawei products have two buffer overflow vulnerabilities due to the lack of a parameters check. An attacker may trick a user into installing a malicious application, and the application can send given parameter to Wi-Fi driver to crash the system or escalate user privilege...

9.3CVSS7.9AI score0.00888EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2016/06/07 12:0 a.m.27 views

Security Advisory - Several Vulnerabilities in Huawei Honor Routers

Huawei Honor routers do not verify some parameters. As a result, sensitive information may be displayed, causing the leak of sensitive information. Vulnerability ID: HWPSIRT-2016-05053 This vulnerability has been assigned Common Vulnerabilities and Exposures CVE ID: CVE-2016-5367. Huawei Honor...

10CVSS8AI score0.02081EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2016/03/02 12:0 a.m.27 views

Security Advisory - DLL Hijacking Vulnerability on Huawei UTPS

Huawei UTPS software runs on USB modem products to manage data cards. It provides data card setting, dial-up setting, message sending and receiving, and contacts management functions. UTPS contains a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by UTPS...

7.8CVSS7.8AI score0.00339EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/01/30 12:0 a.m.27 views

Security Advisory - Input Validation Vulnerability in the Video0 Driver of Huawei Smart Phones

There is an input validation vulnerability in Video0 driver of some Huawei smart phones. An attacker may trick a user into installing a malicious application and application can exploit the vulnerability to print stack memory content or crash the system when the application accesses invalid...

7.8CVSS6.2AI score0.0054EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2016/01/04 12:0 a.m.27 views

Security Advisory - Buffer Overflow Vulnerability in HIFI Driver of Huawei Smart Phone

HIFI driver of some Huawei products have a buffer overflow vulnerability due to the lack of a parameters check. An attacker may trick a user into installing a malicious application, and the application can send given parameter to HIFI driver to crash the system or escalate user privilege...

9.3CVSS8.1AI score0.01127EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2015/12/10 12:0 a.m.27 views

Security Advisory - DoS Vulnerabilities in JPU Driver of Huawei Products

There are two Denial of Service DoS vulnerabilities in Joint Photographic Experts Group Processing Unit JPU drivers of some Huawei products. An attacker who tricks a user into installing a malicious application which has the system or camera permission may input invalid parameters into the JPU...

7.1CVSS5.8AI score0.00712EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2015/11/18 12:0 a.m.27 views

Security Advisory - Information Leak Vulnerability in Huawei DSM Product

There is a information leak vulnerability in DSM Product. The DSM does not clear the clipboard after data in a secure file opened using the DSM is copied and the secure file is closed. Data in the clipboard can be copied in common documents that do not use the DSM, leading to information leaks...

4CVSS4.2AI score0.00215EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2014/09/23 12:0 a.m.27 views

Security Advisory-Screen Capture Vulnerability on Huawei Ascend P6 Mobile Phones

Apps on Huawei Ascend P6 mobile phones can capture screens without the root permission. As a result, user information can be leaked by malware on Ascend P6 mobile phones. Vulnerability ID: HWPSIRT-2014-0893. This Vulnerability has been assigned Common Vulnerabilities and Exposures CVE ID:...

4.3CVSS4.3AI score0.00458EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2021/01/27 12:0 a.m.26 views

Security Advisory - Use After Free Vulnerability in Huawei Smartphone

There is a use after free vulnerability in smartphone. A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash, compromising normal servic...

3.3CVSS4AI score0.00212EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/09/09 12:0 a.m.26 views

Security Advisory - Information Leak Vulnerability in Huawei Smartphone

There is an information vulnerability in Huawei smartphones. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak. Vulnerability ID: HWPSIRT-2018-03100 This vulnerability has been...

5.5CVSS5.3AI score0.00242EPSS
Exploits0Affected Software13
Huawei
Huawei
added 2020/06/24 12:0 a.m.26 views

Security Advisory - Denial of Service Vulnerability in Several Products

There is a denial of service vulnerability in several products. The device does not properly handle certain message from base station, the attacker should craft a fake base station to launch the attack, successful exploit could cause a denial of signal service condition. Vulnerability ID:...

5.3CVSS5.2AI score0.00265EPSS
Exploits0Affected Software11
Huawei
Huawei
added 2019/10/30 12:0 a.m.26 views

Security Advisory - Information Leakage Vulnerability on Some Smart Phones

There is an information leakage vulnerability on some Huawei smart phones. An attacker tricks the user into installing a malicious application, which can copy specific files to the sdcard, resulting in information leakage. Vulnerability ID: HWPSIRT-2019-04072 This vulnerability has been assigned ...

5.5CVSS5.3AI score0.00546EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/10/17 12:0 a.m.26 views

Security Advisory - Information Leak Vulnerability in Some Huawei Smart Phones

Some Huawei phones have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vulnerability to obtain specific device information of the mobile phone. Vulnerability ID:...

2.4CVSS3.3AI score0.0023EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/07/11 12:0 a.m.26 views

Security Advisory - Use After Free Vulnerability on Smartphone

There is a use after free vulnerability on mediaserver component in smartphone. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause execution of arbitrary code. Vulnerability ID:...

9.3CVSS7.7AI score0.0106EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/07/04 12:0 a.m.26 views

Security Advisory - Information Leakage Vulnerability on Huawei Smart Phone

There is an information leakage vulnerability. Because an interface does not verify authorization correctly, attackers can exploit an application with the authorization of phone state to obtain user location additionally. Vulnerability ID: HWPSIRT-2018-03117 This vulnerability has been assigned a...

3.3CVSS3.7AI score0.00214EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/06/13 12:0 a.m.26 views

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Smart Phones

Some Huawei smart phones has a privilege escalation vulnerability. An authenticated, local attacker can crafts malformed packets after tricking a user to install a malicious application and exploit this vulnerability when in the exception handling process. Successful exploitation may cause the...

7.3CVSS7.2AI score0.00249EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/05/30 12:0 a.m.26 views

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Servers

The iBMC Intelligent Baseboard Management Controller of some Huawei servers have a privilege escalation vulnerability. A remote attacker may send some specially crafted login messages to the affected products. Due to improper authentication design, successful exploit enables low privileged users ...

8.8CVSS8.9AI score0.01119EPSS
Exploits0Affected Software20
Huawei
Huawei
added 2018/05/02 12:0 a.m.26 views

Security Advisory - Path Traversal Vulnerability in Some Huawei Home Gateway Products

There is a path traversal vulnerability on some Huawei home gateway products. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into installing a malicious APK plugin, and plugin can overwrite arbitrary file of devices. Successful explo...

7.8CVSS8AI score0.01041EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2018/03/14 12:0 a.m.26 views

Security Advisory - Memory Double Free Vulnerability on Huawei Smartphones

There is a memory double free vulnerability on Huawei smartphones. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in malicious code...

9.3CVSS7.7AI score0.01009EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/02/07 12:0 a.m.26 views

Security Advisory - Six Vulnerabilities in Some Huawei Products

There are two out-of-bounds read vulnerability in some Huawei products. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could make the device access invalid memory and might reset a process...

5.5CVSS5.2AI score0.00967EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2018/02/07 12:0 a.m.26 views

Security Advisory - Out-of-Bounds Memory Access Vulnerability in the GPU Driver of Huawei Mobile Phones

There is a out-of-bounds memory access vulnerability in the GPU driver of some Huawei smart phones due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause...

9.3CVSS7.8AI score0.01009EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/01/31 12:0 a.m.26 views

Security Advisory - Integer Overflow Vulnerability in Some Huawei Products

There is an integer overflow vulnerability in some Huawei products. An unauthenticated, remote attacker may send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause integer overflow and some process abnormal. Vulnerability ID:...

5.3CVSS5.4AI score0.01248EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2017/12/13 12:0 a.m.26 views

Security Advisory - Resource Management Errors Vulnerability in Some Huawei Products

The Light Directory Access Protocol LDAP clients of some Huawei products have a resource management errors vulnerability. An unauthenticated, remote attacker may make the LDAP server not respond to the client's request by controlling the LDAP server. Due to improper management of LDAP connection...

7.5CVSS7.6AI score0.01279EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2017/12/06 12:0 a.m.26 views

Security Advisory - Two Vulnerabilities of License Module in Some Huawei Products

There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information. An authenticated local attacker could exploit this vulnerability to cause a denial of service. Vulnerability ID: HWPSIRT-2017-06138 This vulnerability has been assigned ...

5.5CVSS5.3AI score0.00211EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/10/25 12:0 a.m.26 views

Security Advisory - Two Buffer overflow Vulnerabilities on Huawei Smart Phone

Some Huawei smart phones have two buffer overflow vulnerabilities due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a specific parameter to the smart phone, causing the smartphone restart or arbitrary...

9.3CVSS8.3AI score0.01001EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/10/20 12:0 a.m.26 views

Security Advisory - Information Disclosure Vulnerability in the Synaptics Touchscreen Driver

An information disclosure vulnerability in the Synaptics touchscreen driver. An attacker tricks a user into installing a malicious application on the smart phone, and it could enable to access data outside of its permission levels. And cause to the sensitive information leaks. Vulnerability ID:...

4.7CVSS4.6AI score0.00742EPSS
Exploits0Affected Software9
Huawei
Huawei
added 2017/10/19 12:0 a.m.26 views

Security Advisory - App Lock Bypass Vulnerability in Huawei Mobile Phones

App Lock is a function provided by the Phone Manager app to prevent unauthorized use of apps on mobile phones. Some Huawei mobile phones have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone. Vulnerability...

7.2CVSS6.5AI score0.00298EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/08/16 12:0 a.m.26 views

Security Advisory - Integer Overflow Vulnerability in Some Huawei Products

There is an integer overflow vulnerability in some Huawei products. The attacker sends a response message to the device, which contains an illegal length field, it could produce an integer overflow and restart the modem system. Vulnerability ID: HWPSIRT-2017-06005 This vulnerability has been...

6.5CVSS6.5AI score0.00365EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/06/15 12:0 a.m.26 views

Security Advisory - Use After Free Vulnerability in TEE Module of Some Huawei Smart Phones

The Trusted Execution Environment TEE module driver of some Huawei smart phones has a use after free UAF vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to create and free specific memory, which could trigger...

9.3CVSS8AI score0.01067EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2017/04/26 12:0 a.m.26 views

Security Advisory - Buffer Overflow Vulnerability in Driver of Huawei Smart Phone

The camerafs driver of some Huawei products has buffer overflow vulnerability due to the lack of input validation. An attacker tricks a user into installing a malicious application which has the system privilege of the Android system and sends a specific parameter to the driver of the smart phone...

9.3CVSS7.8AI score0.00743EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/03/29 12:0 a.m.26 views

Security Advisory - Exposed System Interface Vulnerability on Huawei Smart Phones

There is a exposed system interface vulnerability on smart phones. The software provides a system interface for interaction with external applications, but calling the interface is not properly restricted. An attacker could trick the user into installing a malicious application to call the...

7.1CVSS6.8AI score0.00556EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/11/23 12:0 a.m.26 views

Security Advisory - Buffer Overflow Vulnerability in TP Driver of Huawei Smart Phone

Touch Panel TP driver of some Huawei products have one buffer overflow vulnerability due to the lack of a parameters check. An attacker can get ROOT privilege and to send given parameter to TP driver to crash the system or execute arbitrary code. Vulnerability ID: HWPSIRT-2016-05224 This...

7.2CVSS7.1AI score0.00319EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/09/05 12:0 a.m.26 views

Security Advisory - Information Leak Vulnerability in Huawei eSpace IAD

Huawei eSpace IAD products have an information leak vulnerability. Some Web pages do not verify the validity of the permission. An attacker can check and download the fault information by access special URL. Vulnerability ID: HWPSIRT-2016-08001 This vulnerability has been assigned a CVE ID:...

5.3CVSS5.1AI score0.00611EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/08/24 12:0 a.m.26 views

Security Advisory - Weak Encryption Algorithm Vulnerability in Huawei Servers

Some Huawei servers have a weak encryption algorithm vulnerability in the iBMC Intelligent Baseboard Management Controller. The software provide an option for users to select SSL encryption algorithms. If an insecure encryption algorithm is selected, an attacker may decrypt encrypted data, causin...

7.5CVSS7.5AI score0.00967EPSS
Exploits0Affected Software7
Huawei
Huawei
added 2016/08/17 12:0 a.m.26 views

Security Advisory - Brute Force Cracking Vulnerability in Huawei Servers

Huawei server has a brute-force cracking vulnerability due to the lack of authentication protection mechanisms. A remote attacker may obtain user passwords via a brute force attack. Vulnerability ID: HWPSIRT-2016-05247 This vulnerability has been assigned Common Vulnerabilities and Exposures CVE...

9.8CVSS9.5AI score0.02134EPSS
Exploits0Affected Software8
Huawei
Huawei
added 2016/06/22 12:0 a.m.26 views

Security Advisory - DoS Vulnerability in the OceanStor 5800

The OceanStor 5800 Storage Systems are mid-range storage products newly developed by Huawei. Huawei Oceanstor 5800 has a DoS vulnerability. An attacker may send massive abnormal HTTP packets to the device. As a result, the HTTP service generates a high CPU usage, and the device denies services...

7.8CVSS7.6AI score0.02464EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/04/19 12:0 a.m.26 views

Security Advisory - Cross-Site Script Vulnerability in Policy Center

Huawei Policy Center dynamically allocates network resources in a unified manner, enabling the network to provide services with more agility. A cross-site scripting XSS vulnerability exists in Huawei Policy Center. The vulnerability is caused by incomplete input validation. An attacker with a...

5.4CVSS5.5AI score0.00552EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/01/04 12:0 a.m.26 views

Security Advisory - Integer Overflowing Vulnerability in Huawei Smart Phone

An integer overflowing vulnerability exists in a Huawei smart phone. The attacker tricks the user to install a malicious application to obtain system or camera privilege and exploit the vulnerability to obtain the root privilege. Vulnerability ID: HWPSIRT-2015-11025 This vulnerability has been...

9.3CVSS7.6AI score0.01422EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2015/11/26 12:0 a.m.26 views

Security Advisory - Replay Attack Vulnerability of Users Abnormal Exit in VCN500

The operation and maintenance unit OMU of Huawei VCN500 Video Cloud Node does not process users’ abnormal exit properly in a specific scenario, which leaves the user’s session ID still valid. An attacker may exploit this vulnerability to launch replay attacks. Vulnerability ID: HWPSIRT-2015-07042...

7.4CVSS7.3AI score0.00843EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1006