Filtered by vendor Huawei
Subscriptions
Total
2040 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22296 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.5 Medium |
| A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system. | ||||
| CVE-2021-22295 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.5 Medium |
| A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler. | ||||
| CVE-2021-22294 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 3.3 Low |
| A component API of the HarmonyOS 2.0 has a permission bypass vulnerability. Local attackers may exploit this vulnerability to issue commands repeatedly, exhausting system service resources. | ||||
| CVE-2021-22293 | 1 Huawei | 4 Campusinsight, Manageone, Taurus-al00a and 1 more | 2024-11-21 | 7.5 High |
| Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Attackers can exploit this vulnerability to cause information leak. Affected product versions include: CampusInsight versions V100R019C10; ManageOne versions 6.5.1.1, 6.5.1.SPC100, 6.5.1.SPC200, 6.5.1RC1, 6.5.1RC2, 8.0.RC2. Affected product versions include: Taurus-AL00A versions 10.0.0.1(C00E1R1P1). | ||||
| CVE-2021-22292 | 1 Huawei | 2 Ecns280, Ecns280 Firmware | 2024-11-21 | 7.5 High |
| There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS. | ||||
| CVE-2020-9263 | 1 Huawei | 4 Mate 30, Mate 30 Firmware, P30 and 1 more | 2024-11-21 | 7.8 High |
| HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with common privilege, successful exploit could cause code execution. | ||||
| CVE-2020-9262 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-11-21 | 7.8 High |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a use after free vulnerability. There is a condition exists that the system would reference memory after it has been freed, the attacker should trick the user into running a crafted application with high privilege, successful exploit could cause code execution. | ||||
| CVE-2020-9261 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2024-11-21 | 7.8 High |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a type confusion vulnerability. The system does not properly check and transform the type of certain variable, the attacker tricks the user into installing then running a crafted application, successful exploit could cause code execution. | ||||
| CVE-2020-9260 | 1 Huawei | 4 P30, P30 Firmware, P30 Pro and 1 more | 2024-11-21 | 6.5 Medium |
| HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Certain WI-FI function's default configuration in the system seems insecure, an attacker should craft a WI-FI hotspot to launch the attack. Successful exploit could cause information disclosure. | ||||
| CVE-2020-9259 | 1 Huawei | 2 Honor V30, Honor V30 Firmware | 2024-11-21 | 6.5 Medium |
| Huawei Honor V30 smartphones with versions earlier than 10.1.0.212(C00E210R5P1) have an improper authentication vulnerability. The system does not sufficiently validate certain parameter passed from the bottom level, the attacker should trick the user into installing a malicious application and control the bottom level, successful exploit could cause information disclosure. | ||||
| CVE-2020-9258 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 5.5 Medium |
| HUAWEI P30 smartphone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper input verification vulnerability. An attribution in a module is not set correctly and some verification is lacked. Attackers with local access can exploit this vulnerability by injecting malicious fragment. This may lead to user information leak. | ||||
| CVE-2020-9257 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2024-11-21 | 8.8 High |
| HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software access data past the end, or before the beginning, of the intended buffer when handling certain operations of certificate, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution. | ||||
| CVE-2020-9256 | 1 Huawei | 2 Mate 30 Pro, Mate 30 Pro Firmware | 2024-11-21 | 6.5 Medium |
| Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper authorization vulnerability. The system does not properly restrict the use of system service by applications, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of audio service. | ||||
| CVE-2020-9255 | 1 Huawei | 2 Honor 10, Honor 10 Firmware | 2024-11-21 | 5.5 Medium |
| Huawei Honor 10 smartphones with versions earlier than 10.0.0.178(C00E178R1P4) have a denial of service vulnerability. Certain service in the system does not sufficiently validate certain parameter which is received, the attacker should trick the user into installing a malicious application, successful exploit could cause a denial of service condition. | ||||
| CVE-2020-9254 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2024-11-21 | 7.8 High |
| HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution. | ||||
| CVE-2020-9252 | 1 Huawei | 8 Magic2, Magic2 Firmware, Mate 20 and 5 more | 2024-11-21 | 2.3 Low |
| HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than 10.1.0.135(C00E135R2P8), HUAWEI Mate 20 RS versions earlier than 10.1.0.160(C786E160R3P8), and Honor Magic2 smartphones versions earlier than 10.1.0.160(C00E160R2P11) have a path traversal vulnerability. The system does not sufficiently validate certain pathname from certain process, successful exploit could allow the attacker write files to a crafted path. | ||||
| CVE-2020-9251 | 1 Huawei | 2 Mate 20, P30 Firmware | 2024-11-21 | 2.4 Low |
| HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have an improper authorization vulnerability. The software does not properly restrict certain operation in certain scenario, the attacker should do certain configuration before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function. Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8). | ||||
| CVE-2020-9249 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 6.5 Medium |
| HUAWEI P30 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have a denial of service vulnerability. A module does not deal with mal-crafted messages and it leads to memory leak. Attackers can exploit this vulnerability to make the device denial of service.Affected product versions include: HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11). | ||||
| CVE-2020-9248 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 6.7 Medium |
| Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can compromise normal service. | ||||
| CVE-2020-9247 | 1 Huawei | 26 Hima-l29c, Hima-l29c Firmware, Honor 20 Pro and 23 more | 2024-11-21 | 7.8 High |
| There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate certain configuration parameter which is passed from user that would cause buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege, successful exploit may cause code execution. Affected product include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B. | ||||