Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
•added 2016/07/06 12:0 a.m.•64 views

Security Advisory - Multiple Vulnerabilities in OpenSSL in May 2016

On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Of the six vulnerabilities disclosed, four of them may cause memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection...

10CVSS8.6AI score0.89058EPSS
Exploits7Affected Software61
Huawei
Huawei
•added 2020/06/03 12:0 a.m.•63 views

Security Advisory - Improper Handling of Exceptional Condition Vulnerability in Huawei Smartphones

There is an improper handling of exceptional condition Vulnerability in Huawei Smartphones. A component cannot deal with an exception correctly. Attackers can exploit this vulnerability by sending malformed message. This could compromise normal service of affected phones. Vulnerability ID:...

5.3CVSS5.2AI score0.00733EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2020/03/18 12:0 a.m.•63 views

Security Advisory - Improper Authorization Vulnerability in Several Smartphones

There is an improper authorization vulnerability in several smartphones. The software incorrectly performs an authorization to certain user, successful exploit could allow a low privilege user to do certain operation which the user are supposed not to do. Vulnerability ID: HWPSIRT-2019-12104 This...

6.6CVSS6.4AI score0.00197EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2020/01/20 12:0 a.m.•63 views

Security Advisory - Command Injection Vulnerability in GaussDB 200 Product

There is a command injection vulnerability in GaussDB 200 product. Due to insufficient input validation, remote attackers with low permissions could exploit this vulnerability by sending crafted commands to the affected device. Successful exploit could allow an attacker to execute commands...

8.8CVSS8.9AI score0.01144EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2019/09/25 12:0 a.m.•63 views

Security Advisory - Insufficient Verification Vulnerability in Several Smartphones

There is an insufficient verification vulnerability in several smartphones. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack, successful exploit could cause malicious code execution. Vulnerability ID:...

6.2CVSS6.5AI score0.00171EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/09/07 12:0 a.m.•63 views

Security Advisory - TCP Connection Hijack Vulnerability

There is a vulnerability in the implementation of the RFC 5961, due to the improper determination of the rate of challenge ACK responses by the global rate limit feature. Successful exploit could allow an unauthenticated, remote attacker to reset or hijack into a TCP connections between two...

5.8CVSS7AI score0.15073EPSS
Exploits3Affected Software22
Huawei
Huawei
•added 2021/07/07 12:0 a.m.•62 views

Security Advisory - Bluetooth Function Denial of Service Vulnerability in Some Huawei Smartphone Products

The Bluetooth function of some Huawei smartphones has a DoS vulnerability. Attackers can install third-party apps to send specific broadcasts, causing the Bluetooth module to crash. This vulnerability is successfully exploited to cause the Bluetooth function to become abnormal. Vulnerability ID:...

5.5CVSS5.4AI score0.00166EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2016/03/30 12:0 a.m.•62 views

Security Advisory - OpenSSL DROWN Security Vulnerability

OpenSSL official website released a security advisory about a high risk vulnerability dubbed DROWN CVE-2016-0800 on March 1st, 2016. The vulnerability is: Once SSLv2 is used, an attacker can capture packets or act as a man in the middle MIMT to obtain SSL session keys, decrypt encrypted traffic,...

5.9CVSS6AI score0.82112EPSS
Exploits2Affected Software44
Huawei
Huawei
•added 2021/03/24 12:0 a.m.•61 views

Security Advisory - XSS Injection Vulnerability in a Huawei Product

There is a XSS injection vulnerability in a Huawei product. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client. Vulnerability ID:...

5.4CVSS5.3AI score0.00315EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/01/20 12:0 a.m.•61 views

Security Advisory - Inconsistent Interpretation of HTTP Requests Vulnerability in Some Huawei Products

Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Vulnerability ID: HWPSIRT-2020-05294 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2021-22293...

7.5CVSS7.4AI score0.00912EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2020/07/15 12:0 a.m.•61 views

Security Advisory - Denial of Service Vulnerability in OpenSSL

There is a Denial of Service DoS vulnerability in Openssl. Specific function in Openssl may crash during or after the TLS 1.3 handshake due to a NULL pointer dereference. Attacker may send crafted request packet to the target host service to exploit this vulnerability. Successful exploit may caus...

7.5CVSS7.6AI score0.53336EPSS
Exploits2Affected Software3
Huawei
Huawei
•added 2020/05/13 12:0 a.m.•61 views

Security Advisory - Out of Bounds Read Vulnerability in Several Smartphones

There is an out of bound read vulnerability in several smartphones. The software reads data past the end of the intended buffer. The attacker tricks the user into installing a crafted application, successful exploit may cause information disclosure or service abnormal. Vulnerability ID:...

7.1CVSS6.6AI score0.0054EPSS
Exploits0Affected Software18
Huawei
Huawei
•added 2020/04/15 12:0 a.m.•61 views

Security Advisory - Out of Bounds Read Vulnerability in Some Huawei Products

There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads data past the end of the intended buffer when parsing certain message, an authenticated attacker could exploit this vulnerability by sending crafted messages to the device. Successful exploit may cau...

6.5CVSS6.4AI score0.00634EPSS
Exploits0Affected Software17
Huawei
Huawei
•added 2020/04/01 12:0 a.m.•61 views

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products

There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product functions as an optical line terminal OLT. Vulnerability ID: HWPSIRT-2019-09333 This vulnerabilit...

8CVSS8.3AI score0.00617EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2020/01/22 12:0 a.m.•61 views

Security Advisory - Insufficient Verification Vulnerability in Some Huawei Products

There is an insufficient verification vulnerability in some Huawei products. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit may cause service abnormal.Vulnerability ID: HWPSIRT-2019-10092 This vulnerability has bee...

6.1CVSS6.2AI score0.00208EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2020/01/15 12:0 a.m.•61 views

Security Advisory - Two Integer Overflow Vulnerabilities in LDAP of Some Huawei Products

There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash. Vulnerability I...

7.8CVSS7.6AI score0.00958EPSS
Exploits0Affected Software7
Huawei
Huawei
•added 2019/12/04 12:0 a.m.•61 views

Security Advisory - Weak Algorithm Vulnerability in Some Huawei Products

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks. Vulnerability ID: HWPSIRT-2019-02008 This vulnerability has been assigned a Common Vulnerabilities and Exposur...

7.5CVSS7.3AI score0.00764EPSS
Exploits0Affected Software31
Huawei
Huawei
•added 2017/09/20 12:0 a.m.•61 views

Security Advisory - Information Exposure Vulnerability on FusionSphere OpenStack

There is an information exposure vulnerability on FusionSphere OpenStack. The software uses hard-coded cryptographic key to encrypt messages between certain components, which significantly increases the possibility that encrypted data may be recovered and results in information exposure...

5.3CVSS5.1AI score0.0071EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/07/27 12:0 a.m.•61 views

Security Advisory - BroadPwn Remote Code Execute Vulnerability

Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue. Successful exploit of this vulnerability could allow an attacker to remotely execute arbitrary code on affected devices. Vulnerability ID: HWPSIRT-2017-07072 This...

9.8CVSS8.9AI score0.47537EPSS
Exploits1Affected Software1
Huawei
Huawei
•added 2017/06/13 12:0 a.m.•61 views

Security Advisory - Samba Remote Code Execution Vulnerability in Some Huawei Products

All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing an authenticated attacker to upload a shared library to a writable share and execute arbitrary code remotely on a targeted system. Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security...

10CVSS2.2AI score0.99448EPSS
Exploits24Affected Software3
Huawei
Huawei
•added 2017/03/06 12:0 a.m.•61 views

Security Advisory - Arbitrary Memory Read Write Vulnerability in Huawei Smart Phones

There is a arbitrary memory read/write vulnerability in the hardware security module of some Huawei smart phones due to the input parameters validation. An attacker with the root privilege of the Android system could exploit this vulnerability to read and write memory data anywhere or execute...

7.2CVSS6.7AI score0.00309EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2020/12/16 12:0 a.m.•60 views

Security Advisory - Information Leak Vulnerability in Huawei Product

There is an information leak vulnerability in Huawei product. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain extra information, leading to information leak. Vulnerability ID: HWPSIRT-2020-06053 This vulnerability has been assign...

6.5CVSS6.3AI score0.00622EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/07/22 12:0 a.m.•60 views

Security Advisory - Improper Authorization Vulnerability in Several Smartphones

There is an improper authorization vulnerability in several smartphones. The software does not properly restrict certain operation in certain scenario, the attacker should do certain configuration before the user turns on student mode function. Successful exploit could allow the attacker to bypas...

2.4CVSS3.4AI score0.00214EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/04/22 12:0 a.m.•60 views

Security Advisory - Local Privilege Escalation Vulnerability in Huawei PCManager Product

There is a local privilege escalation vulnerability in Huawei PCManager product. An authenticated, local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Vulnerability ID: HWPSIRT-2020-02134 This...

6.7CVSS6.6AI score0.00217EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/03/18 12:0 a.m.•60 views

Security Advisory - Logic Error Vulnerability in Several Smartphones

There is a logic error vulnerability in several smartphones. The software does not properly restrict certain operation when the Digital Balance function is on. Successful exploit could allow the attacker to bypass the Digital Balance limit after a series of operations. Vulnerability ID:...

2.4CVSS3.5AI score0.00214EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2020/02/19 12:0 a.m.•60 views

Security Advisory - Invalid Pointer Access Vulnerability in Some Huawei Products

There is a invalid pointer access vulnerability in some products. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause certain process reboot. Vulnerability ID: HWPSIRT-2019-12413 This vulnerability has been...

5.5CVSS5.4AI score0.00199EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2020/02/05 12:0 a.m.•60 views

Security Advisory - Information leakage Vulnerability in Some Huawei Products

There is an information leakage vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending specific request packets to affected devices. Successful exploit may lead to information leakage. Vulnerability ID: HWPSIRT-2019-11212 This vulnerability has been assigned ...

7.5CVSS7.4AI score0.00764EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2019/11/20 12:0 a.m.•60 views

Security Advisory - Improper Validation of Array Index Vulnerability in Several Smartphones

There is an improper validation of array index vulnerability in several smartphones. The system does not properly validate the input value before use it as an array index when processing certain image information. The attacker tricks the user into installing a malicious application, successful...

7.8CVSS7.7AI score0.00267EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2019/08/21 12:0 a.m.•60 views

Security Advisory - Null Pointer Reference Vulnerability in Some Huawei Smart Phones

There is a null pointer reference vulnerability in some Huawei smart phones. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. Vulnerability ID: HWPSIRT-2019-05097 This vulnerability...

5.3CVSS5.2AI score0.01045EPSS
Exploits0Affected Software50
Huawei
Huawei
•added 2020/02/12 12:0 a.m.•59 views

Security Advisory - Input Validation Vulnerability in Huawei Products

Products Switches Routers WLAN Storage See All Solutions Cloud Data Center Enterprise Networking Intelligent Computing Solutions by Industry See All Services Training and Certification Industry Cloud Enablement Service Improvement Service Customer Support Service See All Partner Find a Partner...

7.2AI score0.00745EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2020/01/22 12:0 a.m.•59 views

Security Advisory - Command Injection Vulnerability in GaussDB 200

There is a command injection vulnerability in GaussDB 200. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands. Vulnerability ID:...

8.8CVSS8.8AI score0.01093EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2019/11/27 12:0 a.m.•59 views

Security Advisory - Buffer Overflow Vulnerability in Huawei Atlas Product

There is a buffer overflow vulnerability in Huawei Atlas product. A local, authenticated attacker may craft specific parameter and send to the process to exploit this vulnerability. Successfully exploit may cause service crash. Vulnerability ID: HWPSIRT-2019-08062 This vulnerability has been...

5.5CVSS5.6AI score0.00188EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2019/11/06 12:0 a.m.•59 views

Security Advisory - Insufficient Authentication Vulnerability in Several Band Products

There is an insufficient authentication vulnerability in several products. The band does not sufficiently authenticate the device try to connect to it in certain scenario. Successful exploit could allow the attacker to spoof then connect to the band. Vulnerability ID: HWPSIRT-2019-09490 This...

8.8CVSS8.6AI score0.00392EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2020/05/27 12:0 a.m.•58 views

Security Advisory - Information Disclosure Vulnerability in Several Smartphones

There is an information disclosure vulnerability in several smartphones. The attacker could wake up voice assistant then do a series of crafted voice operation, successful exploit could allow the attacker read certain files without unlock the phone leading to information disclosure. Vulnerability...

4.6CVSS4.2AI score0.00235EPSS
Exploits0Affected Software10
Huawei
Huawei
•added 2019/09/25 12:0 a.m.•58 views

Security Advisory - Out-of-bounds Read Vulnerability in Gauss100 OLTP Database of Some Huawei Products

There is an out-of-bounds read vulnerability in the Gauss100 OLTP database of some Huawei products due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit of this vulnerabilit...

7.5CVSS7.3AI score0.00745EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2021/07/14 12:0 a.m.•57 views

Security Advisory - Privilege Escalation Vulnerability in some Huawei Products

There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful exploit will cause privilege escalation. Vulnerability ID: HWPSIRT-2020-05256 Thi...

7.8CVSS7.7AI score0.00148EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2020/09/30 12:0 a.m.•57 views

Security Advisory - QEMU Out-of-bound Read and Write Vulnerability in Huawei Product

An out-of-bound read and write access vulnerability was found in the USB emulator of the QEMU. It occurs while processing USB packets from a guest. Attackers can use this vulnerability to crash the QEMU process resulting in DoS or potentially execute arbitrary code with the privileges of the QEMU...

5CVSS6.8AI score0.05447EPSS
Exploits1Affected Software9
Huawei
Huawei
•added 2020/09/30 12:0 a.m.•57 views

Security Advisory - Insufficient Input Verification Vulnerability in Some Huawei Products

Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices. Vulnerability ID: HWPSIRT-2020-00006 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID:...

6.5CVSS6.4AI score0.00351EPSS
Exploits0Affected Software7
Huawei
Huawei
•added 2020/03/25 12:0 a.m.•57 views

Security Advisory - Improper Authentication Vulnerability in Some Huawei Smartphones

There is an improper authentication vulnerability in some Huawei smartphones. The Application doesn't perform proper authentication when user performs certain operations. An attacker can trick user into installing a malicious plug-in to exploit this vulnerability. Successful exploit could allow t...

7.8CVSS7.6AI score0.00566EPSS
Exploits0Affected Software6
Huawei
Huawei
•added 2020/03/18 12:0 a.m.•57 views

Security Advisory - Double Free Vulnerability in Some Huawei Products

There is a double free vulnerability in some Huawei products. A local attacker with low privilege may perform some operations to exploit the vulnerability. Due to doubly freeing memory, successful exploit may cause some service abnormal. Vulnerability ID: HWPSIRT-2019-09024 This vulnerability has...

3.3CVSS3.8AI score0.00189EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2019/09/21 12:0 a.m.•57 views

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...

7.8CVSS7.2AI score0.18404EPSS
Exploits9Affected Software11
Huawei
Huawei
•added 2018/12/12 12:0 a.m.•57 views

Security Advisory - Cache Timing Vulnerability in OpenSSL RSA Key Generation

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack CVE-2018-0737. An attacker could exploit this vulnerability to recover the private key. Vulnerability ID: HWPSIRT-2018-06015 Huawei has released software updates to fix this vulnerabilit...

5.9CVSS6.6AI score0.12046EPSS
Exploits0Affected Software4
Huawei
Huawei
•added 2018/06/13 12:0 a.m.•57 views

Security Advisory - OpenSSL Vulnerability in Some Huawei Products

Constructed ASN.1 types with a recursive definition in some OpenSSL versions could eventually exceed the stack given malicious input with excessive recursion. Successful exploit of this vulnerability may result in a Denial of Service attack. Vulnerability ID: HWPSIRT-2018-03073 This vulnerability...

6.5CVSS6.2AI score0.19295EPSS
Exploits0Affected Software22
Huawei
Huawei
•added 2017/08/02 12:0 a.m.•57 views

Security Advisory - 'Phoenix Talon' Vulnerabilities in Linux Kernel

The Linux operating system has four security vulnerabilities called 'Phoenix Talon', which affect Linux kernel 2.5.69 to Linux kernel 4.11. Successful exploit of these vulnerabilities can allow an attacker to launch DoS attacks and can lead to arbitrary code execution when certain conditions are...

7.8CVSS8.6AI score0.01372EPSS
Exploits5Affected Software5
Huawei
Huawei
•added 2017/06/12 12:0 a.m.•57 views

Security Advisory - Multiple Vulnerabilities in UMA Products

The Unified Maintenance Audit UMA system provides a unified portal for O&M operations, controls and records users' O&M operations, and supports auditing by way of command display and video replay. The UMA product has the following vulnerabilities, which are introduced by software provided by...

9.8CVSS8AI score0.01345EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2017/04/05 12:0 a.m.•57 views

Security Advisory - Multiple Buffer Overflow Vulnerabilities in Bastet of Huawei Smart Phone

The Bastet of some Huawei mobile phones have three buffer overflow vulnerabilities due to the lack of parameter validation. An attacker with the root privilege of an Android system may trick a user into installing a malicious APP. The APP can modify specific data to cause buffer overflow in the...

9.3CVSS8.6AI score0.01351EPSS
Exploits0Affected Software2
Huawei
Huawei
•added 2021/07/14 12:0 a.m.•56 views

Security Advisory - Privilege Escalation Vulnerability in Huawei Products

There is a privilege escalation vulnerability in Huawei products. External parameters of some files are lack of verification when they are be called. Attackers can exploit this vulnerability by performing these files to cause privilege escalation attack. This can compromise normal service...

6.7CVSS6.7AI score0.00173EPSS
Exploits0Affected Software1
Huawei
Huawei
•added 2020/09/09 12:0 a.m.•57 views

Security Advisory - MITM Vulnerability on Huawei Share

There is a man-in-the-middleMITM vulnerability on Huawei Share of certain smartphones. When users establish connection and transfer data through Huawei Share, an attacker could sniffer, spoof and do a series of operations to intrude the Huawei Share connection and launch a man-in-the-middle attac...

4.3CVSS6AI score0.00329EPSS
Exploits0Affected Software22
Huawei
Huawei
•added 2020/09/02 12:0 a.m.•56 views

Security Advisory - Command Injection Vulnerability in Some Huawei Products

Some Huawei products have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target...

7.7CVSS7AI score0.00796EPSS
Exploits0Affected Software3
Huawei
Huawei
•added 2020/08/26 12:0 a.m.•56 views

Security Advisory - Buffer Error Vulnerability in Some Huawei Product

There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send special UPNP message to the affected products. Due to insufficient input validation of some value, successful exploit may cause some service abnormal. Vulnerability ID: HWPSIRT-2017-08234 This...

4.3CVSS6.6AI score0.00202EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1006