Filtered by vendor Huawei
Subscribe
Total
2317 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-37134 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components.
|
|||||
| CVE-2021-37132 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission.
|
|||||
| CVE-2021-37131 | 1 Huawei | 3 Imanager Neteco, Imanager Neteco 6000, Manageone | 2024-11-21 | 6.0 MEDIUM | 6.8 MEDIUM |
|
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.
|
|||||
| CVE-2021-37130 | 1 Huawei | 2 Fusioncube, Fusioncube Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename.
|
|||||
| CVE-2021-37129 | 1 Huawei | 22 Ips Module, Ips Module Firmware, Ngfw Module and 19 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC ...
Show More |
|||||
| CVE-2021-37128 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.
|
|||||
| CVE-2021-37127 | 1 Huawei | 4 Imanager Neteco, Imanager Neteco 6000, Imanager Neteco 6000 Firmware and 1 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product versions include:iManager NetEco V600R010C00CP2001,V600R010C00CP2002,V600R010C00SPC100,V600R010C00SPC110,V600R010C00SPC120,V600R010C00SPC200,V600R010C00SPC210,V600R010C00SPC300;iManager NetEco 6000 V600R009C00S ...
Show More |
|||||
| CVE-2021-37126 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause the directory is traversed.
|
|||||
| CVE-2021-37125 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause confidentiality is affected.
|
|||||
| CVE-2021-37124 | 1 Huawei | 2 Pc Smart Full Scene, Pcmanager | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain path.Affected product versions include:PC Smart Full Scene 11.1 versions PCManager 11.1.1.97.
|
|||||
| CVE-2021-37123 | 1 Huawei | 2 Hero-ct060, Hero-ct060 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
There is an improper authentication vulnerability in Hero-CT060 before 1.0.0.200. The vulnerability is due to that when an user wants to do certain operation, the software does not insufficiently validate the user's identity. Successful exploit could allow the attacker to do certain operations which the user are supposed not to do.
|
|||||
| CVE-2021-37122 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
There is a use-after-free (UAF) vulnerability in Huawei products. An attacker may craft specific packets to exploit this vulnerability. Successful exploitation may cause the service abnormal. Affected product versions include:CloudEngine 12800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 5800 V200R005C10SPC800,V200R019C00SPC800;CloudEngine 6800 V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800;CloudEngine 7800 V200R005C10SPC800,V200R019C00SPC800.
|
|||||
| CVE-2021-37121 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
There is a Configuration defects in Smartphone.Successful exploitation of this vulnerability may elevate the MEID (IMEI) permission.
|
|||||
| CVE-2021-37120 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
There is a Double free vulnerability in Smartphone.Successful exploitation of this vulnerability may cause a kernel crash or privilege escalation.
|
|||||
| CVE-2021-37119 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
|
|||||
| CVE-2021-37118 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The HwNearbyMain module has a Improper Handling of Exceptional Conditions vulnerability.Successful exploitation of this vulnerability may lead to message leak.
|
|||||
| CVE-2021-37117 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
|
|||||
| CVE-2021-37116 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed.
|
|||||
| CVE-2021-37115 | 1 Huawei | 1 Emui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2021-37114 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2021-37113 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2021-37112 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak.
|
|||||
| CVE-2021-37111 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Memory leakage vulnerability in Smartphone.Successful exploitation of this vulnerability may cause memory exhaustion.
|
|||||
| CVE-2021-37110 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Timing design defects in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2021-37109 | 1 Huawei | 1 Emui | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
There is a security protection bypass vulnerability with the modem.Successful exploitation of this vulnerability may cause memory protection failure.
|
|||||
| CVE-2021-37107 | 1 Huawei | 1 Emui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
There is an improper memory access permission configuration on ACPU.Successful exploitation of this vulnerability may cause out-of-bounds access.
|
|||||
| CVE-2021-37106 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system.
|
|||||
| CVE-2021-37105 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal.
|
|||||
| CVE-2021-37104 | 1 Huawei | 2 P40, P40 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain resource which the attacker are supposed not to do.
|
|||||
| CVE-2021-37103 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2021-37102 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
There is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system. Affected product versions include: FusionCompute 6.0.0, 6.3.0, 6.3.1, 6.5.0, 6.5.1, 8.0.0.
|
|||||
| CVE-2021-37101 | 1 Huawei | 2 Ais-bw50-00, Ais-bw50-00 Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
|
There is an improper authorization vulnerability in AIS-BW50-00 9.0.6.2(H100SP10C00) and 9.0.6.2(H100SP15C00). Due to improper authorization mangement, an attakcer can exploit this vulnerability by physical accessing the device and implant malicious code. Successfully exploit could leads to arbitrary code execution in the target device.
|
|||||
| CVE-2021-37100 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Improper Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to account authentication bypassed.
|
|||||
| CVE-2021-37099 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file.
|
|||||
| CVE-2021-37098 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Hilinksvc service exists a Data Processing Errors vulnerability .Successful exploitation of this vulnerability may cause application crash.
|
|||||
| CVE-2021-37097 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
There is a Code Injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system restart.
|
|||||
| CVE-2021-37096 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to user privacy disclosed.
|
|||||
| CVE-2021-37095 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote denial of service and potential remote code execution.
|
|||||
| CVE-2021-37094 | 1 Huawei | 1 Harmonyos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to system denial of service.
|
|||||
| CVE-2021-37093 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages.
|
|||||