Filtered by vendor Huawei
Subscriptions
Total
2040 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-5213 | 1 Huawei | 2 Honor Play, Honor Play Firmware | 2024-11-21 | 2.4 Low |
| Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0.321(C00E320R1P1T8) have an insufficient authentication vulnerability. The system has a logic judge error under certain scenario. Successful exploit could allow the attacker to modify the alarm clock settings after a serious of uncommon operations without unlock the screen lock. | ||||
| CVE-2019-5212 | 1 Huawei | 2 P20, P20 Firmware | 2024-11-21 | 5.5 Medium |
| There is an improper access control vulnerability in Huawei Share. The software does not properly restrict access to certain file from certain application. An attacker tricks the user into installing a malicious application then establishing a connect to the attacker through Huawei Share, successful exploit could cause information disclosure. | ||||
| CVE-2019-5211 | 1 Huawei | 2 P20, P20 Firmware | 2024-11-21 | 5.7 Medium |
| The Huawei Share function of P20 phones with versions earlier than Emily-L29C 9.1.0.311 has an improper file management vulnerability. The attacker tricks the victim to perform certain operations on the mobile phone during file transfer. Because the file is not properly processed, successfully exploit may cause some files on the victim's mobile phone are deleted. | ||||
| CVE-2019-5210 | 1 Huawei | 4 Nova 5, Nova 5 Firmware, Nova 5i Pro and 1 more | 2024-11-21 | 7.8 High |
| Nova 5i pro and Nova 5 smartphones with versions earlier than 9.1.1.190(C00E190R6P2)and Versions earlier than 9.1.1.175(C00E170R3P2) have an improper validation of array index vulnerability. The system does not properly validate the input value before use it as an array index when processing certain image information. The attacker tricks the user into installing a malicious application, successful exploit could cause malicious code execution. | ||||
| CVE-2019-19441 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 6.5 Medium |
| HUAWEI P30 smart phones with versions earlier than 10.0.0.166(C00E66R1P11) have an information leak vulnerability. An attacker could send specific command in the local area network (LAN) to exploit this vulnerability. Successful exploitation may cause information leak. | ||||
| CVE-2019-19417 | 1 Huawei | 100 Ar120-s, Ar120-s Firmware, Ar1200 and 97 more | 2024-11-21 | 7.5 High |
| The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en. | ||||
| CVE-2019-19416 | 1 Huawei | 100 Ar120-s, Ar120-s Firmware, Ar1200 and 97 more | 2024-11-21 | 7.5 High |
| The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en. | ||||
| CVE-2019-19415 | 1 Huawei | 100 Ar120-s, Ar120-s Firmware, Ar1200 and 97 more | 2024-11-21 | 7.5 High |
| The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en. | ||||
| CVE-2019-19414 | 1 Huawei | 14 Dbs3900 Tdd Lte, Dbs3900 Tdd Lte Firmware, Dp300 and 11 more | 2024-11-21 | 7.5 High |
| There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash. | ||||
| CVE-2019-19413 | 1 Huawei | 14 Dbs3900 Tdd Lte, Dbs3900 Tdd Lte Firmware, Dp300 and 11 more | 2024-11-21 | 7.5 High |
| There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash. | ||||
| CVE-2019-19412 | 1 Huawei | 56 Alp-al00b, Alp-al00b Firmware, Alp-l09 and 53 more | 2024-11-21 | 4.6 Medium |
| Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en. | ||||
| CVE-2019-19411 | 1 Huawei | 2 Usg9500, Usg9500 Firmware | 2024-11-21 | 3.7 Low |
| USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gains access to this cryptographic primitive may exploit this vulnerability to cause the value of the confidentiality associated with its use to be diminished. | ||||
| CVE-2019-19398 | 1 Huawei | 2 M5 Lite 10, M5 Lite 10 Firmware | 2024-11-21 | 9.8 Critical |
| M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability. Due to the input validation logic is incorrect, an attacker can exploit this vulnerability to modify the memory of the device by doing a series of operations. Successful exploit may lead to malicious code execution. | ||||
| CVE-2019-19397 | 1 Huawei | 14 S12700, S12700 Firmware, S1700 and 11 more | 2024-11-21 | 7.5 High |
| There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks. | ||||
| CVE-2019-14835 | 8 Canonical, Debian, Fedoraproject and 5 more | 49 Ubuntu Linux, Debian Linux, Fedora and 46 more | 2024-11-21 | 7.8 High |
| A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. | ||||
| CVE-2018-7994 | 1 Huawei | 7 Ips Module, Ngfw Module, Nip6300 and 4 more | 2024-11-21 | N/A |
| Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50 have a memory leak vulnerability. The software does not release allocated memory properly when processing Protal questionnaire. A remote attacker could send a lot questionnaires to the device, successful exploit could cause the device to reboot since running out of memory. | ||||
| CVE-2018-7993 | 1 Huawei | 2 Mate 10, Mate 10 Firmware | 2024-11-21 | N/A |
| HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. An attacker tricks the user install a malicious application, which make the software to reference memory after it has been freed. Successful exploit could cause execution of arbitrary code. | ||||
| CVE-2018-7992 | 1 Huawei | 8 Mate 9, Mate 9 Firmware, Mate 9 Pro and 5 more | 2024-11-21 | N/A |
| Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 Pro versions earlier than 8.0.0.356(C00); P10 Plus versions earlier than 8.0.0.357(C00) has a buffer overflow vulnerability. The driver does not sufficiently validate the input, an attacker could trick the user to install a malicious application which would send crafted parameters to the driver. Successful exploit could cause a denial of service condition. | ||||
| CVE-2018-7991 | 1 Huawei | 2 Mate10, Mate10 Firmware | 2024-11-21 | N/A |
| Huawei smartphones Mate10 with versions earlier before ALP-AL00B 8.0.0.110(C00) have a Factory Reset Protection (FRP) bypass vulnerability. The system does not sufficiently verify the permission, an attacker uses a data cable to connect the smartphone to the computer and then perform some specific operations. Successful exploit could allow the attacker bypass the FRP protection to access the system setting page. | ||||
| CVE-2018-7990 | 1 Huawei | 2 Mate 10 Pro, Mate 10 Pro Firmware | 2024-11-21 | N/A |
| Mate10 Pro Huawei smart phones with the versions before 8.1.0.326(C00) have a FRP bypass vulnerability. During the mobile phone reseting process, an attacker could bypass "Find My Phone" protect after a series of voice and keyboard operations. Successful exploit could allow an attacker to bypass FRP. | ||||