Lucene search
K
HuaweiMost viewed

1006 matches found

Huawei
Huawei
added 2021/12/01 12:0 a.m.50 views

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products

There is a buffer overflow vulnerability in DOPRA SSP products. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition. Vulnerability ID: HWPSIRT-2020-823...

7.8CVSS7.6AI score0.0059EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/02/03 12:0 a.m.50 views

Security Advisory - Improper Resource Management Vulnerability in eUDC660 Product

The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the device, as a result, the key file can be obtained and data can be...

6.7CVSS6.4AI score0.00185EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/09/23 12:0 a.m.50 views

Security Advisory - Buffer Overflow Vulnerability BootHole in GRUB2 Secure Boot

Eclypsium researchers have discovered a vulnerability named“BootHole”in the GRUB2 bootloader. There is a buffer overflow vulnerability that can be used to gain arbitrary code execution during the boot process, even when Secure Boot is enabled. Attackers exploiting this vulnerability can install...

8.2CVSS8.8AI score0.01068EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2020/09/16 12:0 a.m.50 views

Security Advisory - Use-after-free Vulnerability in Some Huawei Smart Phone

There is a use-after-free UAF vulnerability in some Huawei smart phone. An authenticated, local attacker may perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service. Vulnerability ID:...

6.5CVSS6.4AI score0.00225EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/08/12 12:0 a.m.50 views

Security Advisory - Improper Authorization Vulnerability in Several Products

There is an improper authorization vulnerability in several products. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device. Vulnerability ID: HWPSIRT-2020-05063 This vulnerability has been...

7CVSS6.8AI score0.00468EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/08/05 12:0 a.m.50 views

Security Advisory - Information Leak Vulnerabilities in Huawei FusionCompute Product

There are two information disclosure vulnerability in Huawei FusionCompute product. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information. Vulnerability ID: HWPSIRT-2020-05013 and HWPSIRT-2020-05065 The two vulnerabilities ha...

7.5CVSS5.8AI score0.00777EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/04/15 12:0 a.m.50 views

Security Advisory - Denial of Service Vulnerability on Huawei Smartphone

There is an denial of service vulnerability on some Huawei smartphone. An attacker crafted specially file to the affected device. Due to insufficient input validation of the value when executing the file, successful exploit may cause device abnormal. Vulnerability ID: HWPSIRT-2019-12057 This...

5.5CVSS5.4AI score0.00526EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/01/24 12:0 a.m.50 views

Security Advisory - Two Vulnerabilities in MGCP Protocol of Some Huawei Products

There is an out-of-bounds read vulnerability in Media Gateway Control Protocol MGCP of some Huawei products. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may cause...

5.9CVSS6.2AI score0.00977EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2017/12/15 12:0 a.m.50 views

Security Advisory - Numeric Errors Vulnerability in Some Huawei Routers

Some Huawei routers have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain authentication option to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages...

7.8CVSS7.7AI score0.01621EPSS
Exploits0Affected Software5
Huawei
Huawei
added 2015/10/21 12:0 a.m.50 views

Security Advisory - VRF Hopping Vulnerability in Multiple Routers

A VPN routing and forwarding VRF hopping vulnerability exists in Huawei routers. The routers do not strictly check received MPLS forwarding packets, and an attacker may exploit this vulnerability to forward crafted packets to MPLS links, which leads to flood attacks against the destination VPN...

5CVSS6.3AI score0.00896EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2022/01/26 12:0 a.m.49 views

Security Advisory - Laser Command Injection Vulnerability on Huawei Terminals

The laser command injection vulnerability exists on some Huawei devices. The devices cannot effectively defend against external malicious interference. Attackers need the device to be visually exploitable and successful triggering of this vulnerability could execute voice commands on the device...

7.8CVSS8AI score0.00394EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/09/30 12:0 a.m.49 views

Security Advisory - Improper Authorization Vulnerability in Huawei Product

There is an improper authorization vulnerability in some Huawei products. A command is authorized with incorrect privilege. Attackers with other privilege can execute the command to exploit this vulnerability. This may compromise normal service of the affected product. Vulnerability ID:...

7.8CVSS7.8AI score0.00219EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/09/30 12:0 a.m.49 views

Security Advisory - Path Traversal Vulnerability in Several Smartphones

There is a path traversal vulnerability in several smartphones. The system does not sufficiently validate certain pathname, successful exploit could allow the attacker access files and cause information disclosure. Vulnerability ID: HWPSIRT-2020-03127 This vulnerability has been assigned a Common...

4.6CVSS4.4AI score0.00288EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/08/26 12:0 a.m.49 views

Security Advisory - Improper Authorization Vulnerability in some Huawei Smartphones

There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. Successful exploit could allow the attacker to bypass app lock. Vulnerability ID: HWPSIRT-2019-12144 This vulnerability has...

6.8CVSS6.3AI score0.00196EPSS
Exploits0Affected Software7
Huawei
Huawei
added 2020/04/22 12:0 a.m.49 views

Security Advisory - Improper Authorization Vulnerability in Several Smartphones

There is an improper authorization vulnerability in several smartphones. The software does not properly restrict certain user's modification of certain configuration file, successful exploit could allow the attacker to bypass app lock after a series of operation in ADB mode. Vulnerability ID:...

3.6CVSS3.9AI score0.00223EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/04/08 12:0 a.m.49 views

Security Advisory - Improper Authentication Vulnerability in Several Smartphones

There is an improper authentication vulnerability in several smartphones. Certain function interface in the system does not sufficiently validate the caller's identity in certain share scenario, successful exploit could cause information disclosure. Vulnerability ID: HWPSIRT-2020-01073 This...

5.5CVSS5.3AI score0.00591EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2019/12/18 12:0 a.m.49 views

Security Advisory - Information Disclosure Vulnerability in Some Huawei Products

Some Huawei products have an information disclosure vulnerability. Attackers with low privilege can exploit this vulnerability by performing some specific operations. Successful exploit of this vulnerability can cause some information disclosure. Vulnerability ID: HWPSIRT-2019-10408 This...

5.5CVSS5.2AI score0.00222EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/05/31 12:0 a.m.49 views

Security Advisory - Buffer Overflow Vulnerability in The GaussDB

There is a buffer overflow vulnerability in the handling code for regular expressions on GaussDB. An authenticated, remote attacker could use a specially crafted regular expression to cause GaussDB to crash or possibly execute arbitrary code. Vulnerability ID: HWPSIRT-2017-05046 This vulnerabilit...

7.5CVSS8.3AI score0.06948EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/11/11 12:0 a.m.48 views

Security Advisory - Command Injection Vulnerability in Some Huawei Products

Some Huawei products have a command injection vulnerability. Due to insufficient input validation, an attacker with high privilege may inject some malicious codes in some files of the affected products. Successful exploit may cause command injection. Vulnerability ID: HWPSIRT-2020-59877 This...

6.7CVSS6.9AI score0.00383EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2020/07/15 12:0 a.m.48 views

Security Advisory - Information Disclosure Vulnerability on some Huawei Products

There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Vulnerability...

3.3CVSS3.5AI score0.00199EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2020/04/29 12:0 a.m.48 views

Security Advisory - Privilege Escalation Vulnerability in Huawei PCManager Product

Huawei PCManager has a privilege escalation vulnerability. Due to improper permission management of specific files, local attackers with low permissions can inject commands to exploit this vulnerability. Successful exploit may cause privilege escalation. Vulnerability ID: HWPSIRT-2019-12143 This...

7.8CVSS7.8AI score0.00221EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2019/12/18 12:0 a.m.48 views

Security Advisory - Insufficient Input Validation Vulnerability in Huawei Share

There is an insufficient input validation vulnerability in Huawei Share. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled. Vulnerability ID: HWPSIRT-2019-09454 This vulnerability has been assigne...

7.5CVSS7.5AI score0.00856EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2019/08/21 12:0 a.m.48 views

Security Advisory - Out of Bounds Read Vulnerability on Several Smartphones

There is an out of bounds read vulnerability on several smartphones, the system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successful exploit could cause out of bounds read and...

5.5CVSS5.2AI score0.00611EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2019/08/19 12:0 a.m.48 views

Security Advisory - Four Remote Code Execution Vulnerabilities in Some Microsoft Windows Systems

Microsoft released four security advisories to disclose four remote code execution vulnerabilities in Remote Desktop Services. An unauthenticated attacker connects to the target system using RDP and sends specially crafted requests to exploit the vulnerabilities. Successful exploit may cause...

10CVSS10AI score0.75194EPSS
Exploits0
Huawei
Huawei
added 2022/11/02 12:0 a.m.47 views

Security Advisory - Path Traversal Vulnerability in a Huawei Children's Watch

Huawei Aslan Children's Watch has a path traversal vulnerability. Successful exploitation may allow attackers to access or modify protected system resources. Vulnerability ID:HWPSIRT-2022-99716 This vulnerability has been assigned a CVE ID: CVE-2022-44564...

7.8CVSS7.2AI score0.00183EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/01/27 12:0 a.m.47 views

Security Advisory - CSV Injection Vulnerability in ManageOne Product

There has a CSV injection vulnerability in ManageOne Product. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files ...

4.9CVSS5.2AI score0.00624EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/12/02 12:0 a.m.47 views

Security Advisory - Privilege Escalation Vulnerability in Some Huawei Products

There is a privilege escalation vulnerability in some Huawei products. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation. Vulnerability ID:...

6.7CVSS6.6AI score0.00213EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2020/09/30 12:0 a.m.47 views

Security Advisory - Information Disclosure Vulnerability in Several Smartphones

There is an information disclosure vulnerability in several smartphones. The device does not sufficiently validate the identity of smart wearable device in certain specific scenario, the attacker need to gain certain information in the victim's smartphone to launch the attack, and successful...

4.6CVSS4.5AI score0.00217EPSS
Exploits0Affected Software6
Huawei
Huawei
added 2020/09/09 12:0 a.m.47 views

Security Advisory - Buffer Overflow Vulnerability on Several Mobile Broadband Products

There is a buffer overflow vulnerability on several mobile broadband products. The software does not sufficiently validate the length of certain fields in DHCP message which is received. Successful exploit could cause the device to reboot. Vulnerability ID: HWPSIRT-2017-09083 This vulnerability h...

4.7CVSS4.9AI score0.00494EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/09/02 12:0 a.m.47 views

Security Advisory - Information Disclosure Vulnerability in Several Smartphones

There is an information vulnerability in Huawei smartphones. A module has a design error that is lack of control of input. Attackers can exploit this vulnerability to obtain some information. This can lead to information leak. Vulnerability ID: HWPSIRT-2020-02156 This vulnerability has been...

5.5CVSS5.3AI score0.00242EPSS
Exploits0Affected Software10
Huawei
Huawei
added 2020/08/26 12:0 a.m.47 views

Security Advisory - Information Disclosure Vulnerability in Several Smartphones

There is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the attacker should gain the permit to execute commands in ADB mode and then do a series of operation on the phone. Successful exploit could allow the attacker to...

4.6CVSS6.6AI score0.00226EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/01/22 12:0 a.m.47 views

Security Advisory - Insufficient Verification Vulnerability in Some Huawei products

There is an insufficient verification vulnerability in some Huawei products. An attacker can perform specific operations to exploit this vulnerability by physical access methods. Successful exploitation may cause the attacker perform an illegal operation. Vulnerability ID: HWPSIRT-2019-10094 This...

6.8CVSS6.4AI score0.00227EPSS
Exploits0Affected Software5
Huawei
Huawei
added 2019/09/25 12:0 a.m.47 views

Security Advisory - Insufficient Verification Vulnerability in Several Smartphones

There is an insufficient verification vulnerability in several smartphones. The system does not verify certain parameters sufficiently, an attacker should connect to the phone and gain high privilege to launch the attack, successful exploit could cause DOS or malicious code execution. Vulnerabili...

6.2CVSS6.5AI score0.00171EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/06/01 12:0 a.m.47 views

Security Advisory - Multiple Security Vulnerabilities in HedEx product

HedExHuawei Electronic Documentation Explorer,Huawei electronic document browser, mainly used to browse Huawei products electronic documents. HedEx exist some vulnerabilities. HedEx has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target...

9.3CVSS6.7AI score0.00726EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2021/11/03 12:0 a.m.46 views

Security Advisory - Privilege Escalation Vulnerability in Huawei Product

There is a privilege escalation vulnerability in some Huawei products. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Vulnerability ID...

7.8CVSS7.6AI score0.00172EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2020/01/21 12:0 a.m.46 views

Security Advisory - Insufficient Authentication Vulnerability in OSCA Products

There is an insufficient authentication vulnerability in OSCA products. The software does not require a strong credential when the user trying to do certain operations. Successful exploit could allow an attacker to pass the authentication and do certain operations by a weak credential...

6.8CVSS6.6AI score0.00245EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2019/12/18 12:0 a.m.46 views

Security Advisory - Improper Access Control Vulnerability in Huawei Share

There is an improper access control vulnerability in Huawei Share. The function incorrectly controls certain access messages, attackers can simulate a sender to steal P2P network information. Successful exploit may cause information leakage. Vulnerability ID: HWPSIRT-2019-09452 This vulnerability...

7.5CVSS7.4AI score0.00764EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2018/10/31 12:0 a.m.46 views

Security Advisory - SegmentSmack Vulnerability in Linux Kernel

There is a DoS vulnerability in the Linux Kernel versions 4.9+ known as a SegmentSmack attack. Remote attackers may send TCP packets to Linux kernel to make it calls the very expensive functions tcpcollapseofoqueue and tcppruneofoqueue of the affected device which can lead to a denial of service...

7.8CVSS7.3AI score0.7354EPSS
Exploits0Affected Software68
Huawei
Huawei
added 2018/05/09 12:0 a.m.46 views

Security Advisory - Authentication Bypass Vulnerability in Huawei iBMC Products

There is an authentication bypass vulnerability in Huawei iBMC products. A remote attacker with low privilege may craft specific messages to upload authentication certificate to the affected products. Due to improper validation of the upload authority, successful exploit may cause privilege...

8.8CVSS8.9AI score0.00766EPSS
Exploits0Affected Software20
Huawei
Huawei
added 2016/12/28 12:0 a.m.46 views

Security Advisory - Chrome V8 engine has a remote code execution vulnerability

Chrome V8 is a Google Chrome engine for parsing JavaScript. Chrome V8 v3.20 to v4.2 has a remote code execution vulnerability due to misspelling of exception name observeacceptinvalid into observeinvalidaccept in source code, leading to the leak of kMessages. Successful exploit of this...

8.8CVSS8.9AI score0.04587EPSS
Exploits3Affected Software2
Huawei
Huawei
added 2016/11/16 12:0 a.m.46 views

Security Advisory - Multiple Input Validation Vulnerabilities in Huawei Smart Phone

There are four input validation vulnerabilities in some Huawei Smart phones. An attacker gets the graphic or Camera privilege and tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege...

7.1CVSS7.1AI score0.00628EPSS
Exploits0Affected Software3
Huawei
Huawei
added 2015/11/11 12:0 a.m.46 views

Security Advisory - DoS Vulnerability in Huawei U2990 and U2980

Huawei U2990 and U2980 have a DoS vulnerability caused by no error correction mechanism when handling specific signaling packets. An attacker can send malformed packets to cause a denial of service condition in some services of the U2990 and U2980. Vulnerability ID: HWPSIRT-2015-09025 This...

4CVSS0.6AI score0.00725EPSS
Exploits0Affected Software2
Huawei
Huawei
added 2022/08/19 12:0 a.m.45 views

Security Advisory - Permission Bypass Vulnerability in Huawei Products

A permission bypass vulnerability in Huawei cross device task management could allow an attacker to access certain resource in the attacked devices. Vulnerability ID: HWPSIRT-2021-96118 This vulnerability has been assigned a Common Vulnerabilities and Exposures CVE ID: CVE-2021-46834. For product...

5.5CVSS5.4AI score0.00156EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/12/23 12:0 a.m.45 views

Security Advisory - Memory Leak Vulnerability in Huawei CloudEngine Product

There is a memory leak vulnerability in Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak. Vulnerability ID:...

7.5CVSS7.5AI score0.00916EPSS
Exploits0Affected Software4
Huawei
Huawei
added 2020/11/25 12:0 a.m.45 views

Security Advisory - Command Injection Vulnerability in ManageOne Product

There has a command injection vulnerability in ManageOne Product. An attacker with high privileges may exploit this vulnerability through some operations on the plug-in component. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject comman...

9CVSS7.2AI score0.01361EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/10/14 12:0 a.m.45 views

Security Advisory - JavaScript Injection Vulnerability in Huawei Smartphone

There is a JavaScript injection vulnerability in Huawei smartphone. A module does not verify a specific input. This could allow attackers to bypass filter mechanism to launch JavaScript injection. This could compromise normal service of the affected module. Vulnerability ID: HWPSIRT-2020-04153 Th...

4.6CVSS5.1AI score0.00279EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2020/07/01 12:0 a.m.45 views

Security Advisory - Type Confusion Vulnerability in Several Smartphones

There is a type confusion vulnerability in several smartphones. The system does not properly check and transform the type of certain variable, the attacker tricks the user into installing then running a crafted application, successful exploit could cause code execution. Vulnerability ID:...

7.8CVSS7.6AI score0.00792EPSS
Exploits0
Huawei
Huawei
added 2019/12/18 12:0 a.m.45 views

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Smart Phones

There is a buffer overflow vulnerability in some Huawei smart phones. An attacker may intercept and tamper with the packet in the local area network LAN to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal. Vulnerability ID: HWPSIRT-2019-09447 This...

8.8CVSS8.7AI score0.00372EPSS
Exploits0Affected Software1
Huawei
Huawei
added 2017/12/06 12:0 a.m.45 views

Security Advisory - Input Validation Vulnerability in H323 Protocol of Huawei products

There is an insufficient validation vulnerability in some Huawei products. Since packet validation is insufficient, an unauthenticated attacker may send special H323 packets to exploit the vulnerability. Successful exploit could allow the attacker to send malicious packets and result in DOS...

5.9CVSS5.7AI score0.00788EPSS
Exploits0Affected Software31
Huawei
Huawei
added 2017/04/19 12:0 a.m.45 views

Security Advisory - OpenSSL Montgomery multiplication may produce incorrect results Vulnerability

The Broadwell-specific Montgomery multiplication procedure has a denial of service DoS vulnerability when handling input longer than 256 bits.Only EC algorithms that use Brainpool P-512 curves are affected. An attacker could exploit this vulnerability to cause DoS during ECDH key...

5.9CVSS6.7AI score0.14225EPSS
Exploits1Affected Software8
Total number of security vulnerabilities1006