Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
added 2020/03/11 12:0 a.m.76 views

Security Advisory - Information Leakage Vulnerability in Motion Sensor

Motion sensor in some Huawei smart phones has an information leakage vulnerability. An attacker may exploit this vulnerability to obtain specific information from the motion sensor through an APP installed on the smart phone and track the user. Successful exploit may cause information leak...

3.3CVSS5AI score0.00334EPSS
Exploits0Affected Software36
Huawei
Huawei
added 2020/01/22 12:0 a.m.76 views

Security Advisory - Digital Balance Bypass Vulnerability in Huawei Smart Phones

There is a digital balance bypass vulnerability in some Huawei smart phones. When re-configuring the mobile phone at the digital balance mode, an attacker can perform some operations to bypass the startup wizard, and then open some switch. As a result, the digital balance function is bypassed...

4.6CVSS4.6AI score0.00214EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2019/11/13 12:0 a.m.76 views

Security Advisory - Two Vulnerabilities in Some Huawei Home Routers

Some Huawei home routers have an input validation vulnerability. Due to input parameter is not correctly verified, an attacker can exploit this vulnerability by sending special constructed packets to obtain files in the device and upload files to some directories. Vulnerability ID:...

8.1CVSS8AI score0.00382EPSS
Exploits0Affected Software26
Huawei
Huawei
added 2020/05/27 12:0 a.m.75 views

Security Advisory - Stack Buffer Overflow Vulnerability in Several Products

There is a stack buffer overflow vulnerability in several products. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code...

8.8CVSS8.8AI score0.00478EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2019/12/04 12:0 a.m.75 views

Security Advisory - Out-of-bounds Read Vulnerability in Advanced Packages of Gauss100 OLTP Database

There is an out-of-bounds read vulnerability in the Advanced Packages feature of the Gauss100 OLTP database. Attackers who gain the specific permission can use this vulnerability by sending elaborate SQL statements to the database. Successful exploit of this vulnerability may cause the database t...

6.5CVSS6.7AI score0.00634EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/07/12 12:0 a.m.75 views

Security Advisory - Escalation of Privilege Vulnerability in Intel AMT, Intel ISM and Intel SMT

Intel disclosed an escalation of privilege vulnerability in Intel Active Management Technology AMT, Intel Standard Manageability ISM, and Intel Small Business Technology in Security Center advisory INTEL-SA-00075. Unprivileged attackers could exploit this vulnerability to gain control of the...

10CVSS7.4AI score0.92189EPSS
Exploits7
Huawei
Huawei
added 2014/10/24 12:0 a.m.75 views

Security Advisory-Bash Code Injection Vulnerability

This security advisory SA describes the impact of 6 Bash vulnerabilities discovered in third-party software Vulnerability ID: HWPSIRT-2014-0951. 1.OS Command Injections vulnerability CVE-2014-6271. GNU Bash through 4.3 processes trailing strings after function definitions in the values of...

10CVSS9.6AI score0.99999EPSS
Exploits158Affected Software68
Huawei
Huawei
added 2020/05/20 12:0 a.m.74 views

Security Advisory - Information Leakage Vulnerability in Some Huawei Products

There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent attacker could exploit this vulnerability to decrypt data. Successful exploitation may leak information randomly. Vulnerability ID: HWPSIRT-2020-02166 This vulnerability has been assigned a Common...

6.5CVSS6.3AI score0.00337EPSS
Exploits0Affected Software68
Huawei
Huawei
added 2019/12/04 12:0 a.m.74 views

Security Advisory - Improper Authorization Vulnerability in Several Smartphones

There is an improper authorization vulnerability in several smartphones. The software does not properly restrict certain operation of certain privilege, the attacker should trick the user into installing a malicious application before the user turns on student mode function. Successful exploit...

7.8CVSS7.5AI score0.006EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2019/09/30 12:0 a.m.74 views

Security Advisory - Improper Authorization Vulnerability in Several Smartphones

There is an improper authorization vulnerability in several smartphones. The software does incorrectly performs an authorization check when a user attempts to perform certain action. Successful exploit could allow the attacker to update a crafted package. Vulnerability ID: HWPSIRT-2019-07075 This...

4.6CVSS4.6AI score0.00198EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/09/02 12:0 a.m.73 views

Security Advisory - Remote Code Execution vulnerability in Apache Struts2

The Apache Struts frameworks, when forced, performs double evaluation of attributes' values assigned to certain tags attributes such as id so it is possible to pass in a value that will be evaluated again when a tag's attributes will be rendered. With a carefully crafted request, this can lead to...

9.8CVSS9.3AI score0.97399EPSS
Exploits15Affected Software4
Huawei
Huawei
added 2020/04/22 12:0 a.m.73 views

Security Advisory - Improper Authentication Vulnerability in Several Huawei Products

Some Huawei products have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device. Vulnerability ID: HWPSIRT-2020-04035 This vulnerability has been assigned a Common...

9.8CVSS9.5AI score0.01079EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/01/15 12:0 a.m.73 views

Security Advisory - Insufficient Authentication Vulnerability in Some Huawei Smart Phones

There is an insufficient authentication vulnerability in some Huawei smart phones. A local attacker with high privilege can execute a specific command to exploit this vulnerability. Successful exploitation may cause information leak and compromise the availability of the smart phones. Vulnerabili...

6CVSS6.1AI score0.00222EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/01/02 12:0 a.m.73 views

Security Advisory - Information Leak Vulnerability in Some Huawei Smart Phones

There is an information leak vulnerability in some Huawei smart phones. An attacker could send specific command in the local area network LAN to exploit this vulnerability. Successful exploitation may cause information leak. Vulnerability ID: HWPSIRT-2019-10001 This vulnerability has been assigne...

6.5CVSS6.3AI score0.00336EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/01/02 12:0 a.m.73 views

Security Advisory - Buffer Error Vulnerability in Some Huawei Products

There is a buffer error vulnerability in some Huawei products. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset...

7.8CVSS7.6AI score0.00971EPSS
Exploits0Affected Software26
Huawei
Huawei
added 2019/12/04 12:0 a.m.73 views

Security Advisory - Improper Authentication Vulnerability in Several Products

There is an improper authentication vulnerability in several products. The device does not perform a sufficient authentication when doing certain operation, successful exploit could allow an attacker to cause the device to reboot after launch a man in the middle attack. Vulnerability ID:...

7.1CVSS5.8AI score0.00631EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/08/05 12:0 a.m.72 views

Security Advisory - Remote Code Execution Vulnerability in Microsoft Windows SMBv1

Microsoft released a security advisory about a remote code execution vulnerability in Server Message Block Version 1 SMBv1. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. Vulnerability ID: HWPSIRT-2020-06149 This vulnerability...

8.8CVSS8.5AI score0.36708EPSS
Exploits1
Huawei
Huawei
added 2020/02/05 12:0 a.m.72 views

Security Advisory - Improper Authorization Vulnerability in Several Smartphones

There is an improper authorization vulnerability in several smartphones. The system has a logic judging error under certain scenario, successful exploit could allow the attacker to switch to third desktop after a series of operation in ADB mode. Vulnerability ID: HWPSIRT-2019-10114 This...

2.4CVSS3.5AI score0.00209EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/01/20 12:0 a.m.72 views

Security Advisory - Improper Authentication Vulnerability in Smartphones

There is an improper authentication vulnerability in smartphones. Due to improperly validate of certain application, an attacker should trick the user into installing a malicious application to exploit this vulnerability. Successful exploit could allow the attacker to bypass the authentication to...

7.8CVSS7.6AI score0.00566EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/12/20 12:0 a.m.72 views

Security Advisory - Remote Code Execution Vulnerability in Microsoft Office

Microsoft released a security advisory to disclose a remote code execution vulnerability in Microsoft Office. Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office. The attacker could exploit the vulnerability to run...

9.3CVSS7.8AI score0.81627EPSS
Exploits3
Huawei
Huawei
added 2024/04/24 12:0 a.m.71 views

Security Advisory - Connection Hijacking Vulnerability in Some Huawei Home Routers

A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.Vulnerability ID:HWPSIRT-2023-34408 This vulnerability has been assigned a CVEID:CVE-2023-52718...

8.1CVSS6.5AI score0.0015EPSS
Exploits0Affected Software9
Huawei
Huawei
added 2020/01/22 12:0 a.m.71 views

Security Advisory - Improper Authorization Vulnerability in Several Huawei Smart Phones

Some Huawei mobile phones have an improper authorization vulnerability. Due to improper authorization of some function, attackers can bypass the authorization to perform some operations. Vulnerability ID: HWPSIRT-2019-08002 This vulnerability has been assigned a Common Vulnerabilities and Exposur...

4.6CVSS4.7AI score0.00214EPSS
Exploits0Affected Software7
Huawei
Huawei
added 2019/11/13 12:0 a.m.71 views

Security Advisory - Improper Access Control Vulnerability in Huawei Share

There is an improper access control vulnerability in Huawei Share. The software does not properly restrict access to certain file from certain application. An attacker tricks the user into installing a malicious application then establishing a connect to the attacker through Huawei Share,...

5.5CVSS5.1AI score0.00526EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2014/12/19 12:0 a.m.71 views

Security Advisory-Multiple Vulnerabilities in the RomPager Component of Home Gateway

RomPager is the embedded web server from AllegroSoft. RomPager component has two vulnerabilities. Some Huawei Home Gateway products use RomPager component and are affected by these two vulnerabilities. RomPager Authentication Security Bypass –Misfortune Cookie: The vulnerability is due to an...

10CVSS2.7AI score0.63748EPSS
Exploits12Affected Software2
Huawei
Huawei
added 2019/11/20 12:0 a.m.70 views

Security Advisory - Use of Insufficiently Random Values Vulnerability in Huawei ViewPoint Products

There is a use of insufficiently random values vulnerability in Huawei ViewPoint products. An unauthenticated, remote attacker can guess information by a large number of attempts. Successful exploitation may cause information leak. Vulnerability ID: HWPSIRT-2019-10076 This vulnerability has been...

7.5CVSS7.5AI score0.00972EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2020/06/03 12:0 a.m.69 views

Security Advisory - Memory Leak Vulnerability in Some Huawei Products

Some Huawei products have a memory leak vulnerability. An attacker with high privileges exploits this vulnerability by continuously performing specific operations. Successful exploitation of this vulnerability can cause service abnormal. Vulnerability ID: HWPSIRT-2019-12421 This vulnerability has...

4.9CVSS5AI score0.00795EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2020/02/05 12:0 a.m.69 views

Security Advisory - Information leakage Vulnerability in Some Huawei Products

There is an information leakage vulnerability in some Huawei products. Due to improper processing of some data, a local authenticated attacker can exploit this vulnerability through a series of operations. Successful exploitation may cause information leakage.Vulnerability ID: HWPSIRT-2019-12399...

5.5CVSS5.2AI score0.00207EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2019/12/04 12:0 a.m.69 views

Security Advisory - Improper Authentication Vulnerability in Smartphones

There is an improper authentication vulnerability in smartphones. The applock does not perform a sufficient authentication in a rare condition, successful exploit could allow the attacker to use the application locked by applock in an instant. Vulnerability ID: HWPSIRT-2019-04103 This vulnerabili...

3.6CVSS4AI score0.00222EPSS
Exploits0Affected Software81
Huawei
Huawei
added 2017/04/20 12:0 a.m.69 views

Security Advisory - Buffer Overflow vulnerability in the FusionSphere OpenStack

The GaussDB of the FusionSphere OpenStack has a stack overflow vulnerability due to the lack of input validation on some parameters. An authenticated attacker on the LAN can exploit this vulnerability to execute arbitrary code or cause a denial of service DoS condition in the affected system...

6.3AI score0.00339EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/02/26 12:0 a.m.68 views

Security Advisory - Out of Bounds Write Vulnerability in Several Smartphones

There is an out of bounds write vulnerability in several smartphones. The software writes data past the end of the intended buffer because of insufficient validation of certain parameter when initializing certain driver program. An attacker could trick the user into installing a malicious...

7.1CVSS5.5AI score0.00478EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/01/02 12:0 a.m.68 views

Security Advisory - Denial of Service Vulnerability in Several Smartphones

There is a denial of service vulnerability in several smartphones. The system does not properly check the status of certain module during certain operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone...

7.1CVSS5.3AI score0.00478EPSS
Exploits0Affected Software14
Huawei
Huawei
added 2020/08/05 12:0 a.m.67 views

Security Advisory - Elevation of Privilege Vulnerability in Some Microsoft Windows Systems

Microsoft released a security advisory to disclose an elevation of privilege vulnerability which exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability...

7.8CVSS8AI score0.04447EPSS
Exploits2
Huawei
Huawei
added 2020/07/16 12:0 a.m.67 views

Security Advisory - Windows DNS Server Remote Code Execution Vulnerability

Microsoft's security update in July 2020 addresses the CVE-2020-1350 vulnerability. To exploit the vulnerability, an unauthenticated attacker could send specially crafted requests to a Windows DNS server. An attacker who successfully exploited the vulnerability could run arbitrary code remotely...

10CVSS9.3AI score0.92178EPSS
Exploits21Affected Software1
Huawei
Huawei
added 2020/05/27 12:0 a.m.67 views

Security Advisory - Improper Authorization Vulnerability in Several Smartphones

There is an improper authorization vulnerability in several smartphones. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance function after a series of operations with a PC...

2.4CVSS3.5AI score0.00196EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/05/27 12:0 a.m.67 views

Security Advisory - Improper Authorization Vulnerability in Several Smartphones

There is an improper authorization vulnerability in several smartphones. The system does not properly restrict certain operation in ADB mode, successful exploit could allow certain user break the limit of digital balance function. Vulnerability ID: HWPSIRT-2019-08104 This vulnerability has been...

2.4CVSS3.5AI score0.00209EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/02/19 12:0 a.m.67 views

Security Advisory - Invalid Pointer Access Vulnerability in Some Huawei Products

There is an invalid pointer access vulnerability in some products. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause certain process reboot. Vulnerability ID: HWPSIRT-2019-12412 This vulnerability has...

4.9CVSS4.6AI score0.002EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2020/01/20 12:0 a.m.67 views

Security Advisory - Path Traversal Vulnerability in Huawei GaussDB

There is a path traversal vulnerability in Huawei GaussDB. Due to insufficient input path validation, an authenticated attacker can traverse directories and download files to a specific directory. Successful exploit may cause information leakage. Vulnerability ID: HWPSIRT-2019-10053 This...

6.5CVSS6.5AI score0.00725EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/01/15 12:0 a.m.67 views

Security Advisory - Information Leakage Vulnerability in some Huawei Firewall Product

There is an information leakage vulnerability in some Huawei firewall products. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gains access to this cryptographic primitive may exploit this vulnerability to cause the value of the...

4.3CVSS4AI score0.01238EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2019/02/18 12:0 a.m.67 views

Security Advisory - Information Leakage Vulnerability on Some Smartphones

There is an information leak vulnerability in some Huawei phones. When a local attacker use the camera of a smartphone, the attacker can exploit this vulnerability to obtain sensitive information by performing a series of operations. Vulnerability ID: HWPSIRT-2019-01101 This vulnerability has bee...

4.6CVSS4.4AI score0.00251EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/08/19 12:0 a.m.66 views

Security Advisory - Improper Privilege Management Vulnerability in Huawei Smartphone Product

There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. Vulnerability ID: HWPSIRT-2020-05272 This vulnerabilit...

7.8CVSS7.4AI score0.00127EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2020/05/20 12:0 a.m.66 views

Security Advisory - Use After Free Vulnerability in Several Products

There is a use after free vulnerability in several products. The software references memory after it has been freed in certain scenario, the attacker does a series of crafted operations through web portal, successful exploit could cause a use after free condition which may lead to malicious code...

7.5CVSS7.7AI score0.00367EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/02/05 12:0 a.m.66 views

Security Advisory - Denial of Service Vulnerability in Some Huawei Products

Products Switches Routers WLAN Storage See All Solutions Cloud Data Center Enterprise Networking Intelligent Computing Solutions by Industry See All Services Training and Certification Industry Cloud Enablement Service Improvement Service Customer Support Service See All Partner Find a Partner...

7.2AI score0.00767EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2020/01/15 12:0 a.m.66 views

Security Advisory - Three DoS Vulnerabilities in the SIP Module of Some Huawei Products

There are three denial of service DoS vulnerabilities in the SIP module of some Huawei products. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit...

7.5CVSS7.9AI score0.00883EPSS
Exploits0Affected Software50
Huawei
Huawei
added 2020/01/15 12:0 a.m.66 views

Security Advisory - Improper Authentication Vulnerability in Smartphones

There is an improper authentication vulnerability in smartphones. Certain application does not properly validate the identity of another application who would call its interface, an attacker should trick the user into installing a malicious application, successful exploit could allow unauthorized...

5.5CVSS5.3AI score0.00591EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2019/01/23 12:0 a.m.66 views

Security Advisory - FragmentSmack Vulnerability in Linux Kernel

There is a DoS vulnerability in the Linux Kernel versions 3.9+ known as a FragmentSmack attack. Remote attackers could send fragmented IPv4 or IPv6 packets to the affected device to trigger time and calculation reassembly algorithms that could consume excessive CPU resources, resulting in a DoS...

7.8CVSS7.6AI score0.24575EPSS
Exploits0Affected Software37
Huawei
Huawei
added 2020/05/27 12:0 a.m.65 views

Security Advisory - Improper Authentication Vulnerability in Several Smartphones

There is an improper authentication vulnerability in several smartphones. A logic error occurs when handling clock function, an attacker should do a series of crafted operations quickly before the phone is unlocked, successful exploit could allow the attacker to access clock information without...

2.4CVSS3.5AI score0.00247EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2020/02/12 12:0 a.m.65 views

Security Advisory - Dangling Pointer Reference Vulnerability in Some Huawei Firewall Products

There is a dangling pointer reference vulnerability in some Huawei firewall products. An authenticated attacker may do some special operations in the affected products in some special scenarios to exploit the vulnerability. Due to improper race conditions of different operations, successful explo...

5.3CVSS5.2AI score0.0041EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2019/04/17 12:0 a.m.65 views

Security Advisory - Information Disclosure Vulnerability on Smartphones

There is an information disclosure vulnerability on certain Huawei smartphones. An attacker could view the photos after a series of operation without unlock the screen lock. Successful exploit could cause an information disclosure condition. Vulnerability ID: HWPSIRT-2019-01143 This vulnerability...

4.6CVSS4.4AI score0.00251EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2016/03/04 12:0 a.m.65 views

Security Advisory - GNU Glibc Buffer Overflow Security Vulnerability

Google security research team disclosed a buffer overflow vulnerability in GNU C library glibc CVE-2015-7547 on February 16, 2016, remote attackers can exploit the vulnerability to execute arbitrary code on an affected device. Vulnerability ID: HWPSIRT-2016-02018 This vulnerability has been...

6.8CVSS2.2AI score0.89557EPSS
Exploits17Affected Software47
Huawei
Huawei
added 2020/02/12 12:0 a.m.64 views

Security Advisory - Small OOB Read Vulnerability in Huawei Product

There is an out-of-bound read vulnerability that a memory management error exists when IPSec Module handing a specific message. Attackers can send specific message to cause 1 byte out-of-bound read, compromising normal service. Vulnerability ID: HWPSIRT-2019-12417 This vulnerability has been...

5.3CVSS5.1AI score0.00733EPSS
Exploits0Affected Software3
Total number of security vulnerabilities1006