6 matches found
CVE-2021-22293
CVE-2021-22293 concerns an inconsistency in how some Huawei products interpret HTTP requests, allowing information leakage. Affected products include CampusInsight (V100R019C10), ManageOne (6.5.1.1, 6.5.1.SPC100, 6.5.1.SPC200, 6.5.1RC1, 6.5.1RC2, 8.0.RC2) and Taurus-AL00A (10.0.0.1(C00E1R1P1)). T...
CVE-2021-22302
CVE-2021-22302 describes an out-of-bounds read in Huawei Taurus-AL00A smartphones (version 10.0.0.1, build C00E1R1P1). A module fails to properly validate input, allowing attackers to trigger an out-of-bounds condition by sending malicious input through a specific app, potentially impacting servi...
CVE-2021-22303
The CVE-2021-22303 entry concerns Huawei Taurus-AL00A smartphone running 10.0.0.1 (C00E1R1P1). The vulnerability is a pointer double free caused by lack of multi-thread reentry protection when a function is called, potentially enabling a crash of the affected module and disruption of normal servi...
CVE-2021-22304
The CVE-2021-22304 entry corresponds to a use-after-free vulnerability in Huawei Taurus-AL00A devices (firmware version 10.0.0.1, build C00E1R1P1). The issue arises when a module references memory after it has been freed while processing certain messages, which can cause the module to crash and p...
CVE-2020-9087
CVE-2020-9087 affects Huawei Taurus-AL00A smartphones (version 10.0.0.1, build C00E1R1P1). The vulnerability is an out-of-bounds read in the XFRM module caused by insufficient parameter validation, allowing an authenticated, local attacker to trigger an information leak. Documents consistently de...
CVE-2020-9093
This CVE (CVE-2020-9093) affects Huawei Taurus-AL00A smartphones, specifically version 10.0.0.1 (C00E1R1P1). The underlying issue is a use-after-free vulnerability in a module that mishandles certain messages, allowing a memory-after-free reference and potential service disruption. Exploitation i...