Filtered by vendor Huawei
Subscribe
Total
2317 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9241 | 1 Huawei | 2 E6878-370, E6878-370 Firmware | 2024-11-21 | 6.8 MEDIUM | 7.0 HIGH |
|
Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an improper authorization vulnerability. The device does not restrict certain data received from WAN port. Successful exploit could allow an attacker at WAN side to manage certain service of the device.
|
|||||
| CVE-2020-9240 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device.
|
|||||
| CVE-2020-9239 | 1 Huawei | 26 Berkeley-l09, Berkeley-l09 Firmware, Bla-a09 and 23 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions earlier than 8.0.0.123(C797);BLA-TL00B versions earlier than 8.1.0.326(C01);Berkeley-L09 versions earlier than 8.0.0.163(C10),versions earlier than 8.0.0.163(C432),Versions earlier than 8.0.0.163(C636),Versions earlier than 8.0.0.172(C10);Duke-L09 versions Duke-L09C10B187, versions Duke-L09C432B189, versions Duke-L09C636B189;HUAWEI P20 versions earlier than 8.0.1.16(C00);HUAWEI P20 Pro versions ear ...
Show More |
|||||
| CVE-2020-9238 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A function in a module does not verify inputs sufficiently. Attackers can exploit this vulnerability by sending specific request. This could compromise normal service of the affected device.
|
|||||
| CVE-2020-9237 | 1 Huawei | 2 Taurus-al00b, Taurus-al00b Firmware | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126(C00E125R5P3) have a user after free vulnerability. A module is lack of lock protection. Attackers can exploit this vulnerability by launching specific request. This could compromise normal service of the affected device.
|
|||||
| CVE-2020-9235 | 1 Huawei | 20 Honor 20 Pro, Honor 20 Pro Firmware, Honor View 20 and 17 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 10.1.0.231(C10E3R3P2),Versions earlier than 10.1.0.231(C185E3R5P1),Versions earlier than 10.1.0.231(C636E3R3P1);Versions earlier than 10.1.0.212(C432E10R3P4),Versions earlier than 10.1.0.213(C636E3R4P3),Versions earlier than 10.1.0.214(C10E5R4P3),Versions earlier than 10.1.0.214(C185E3R3P3);Versions earlier than 10.1.0.212(C00E210R5P1);Versions earlier than 10.1.0.160(C00E160R2P11);Versions earlier ...
Show More |
|||||
| CVE-2020-9233 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services abnormal.
|
|||||
| CVE-2020-9230 | 1 Huawei | 2 Ws5800-10, Ws5800-10 Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of specific message, an attacker may exploit this vulnerability to cause specific function to become abnormal.
|
|||||
| CVE-2020-9229 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.
|
|||||
| CVE-2020-9228 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.
|
|||||
| CVE-2020-9227 | 1 Huawei | 2 Moana-al00b, Moana-al00b Firmware | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Huawei Smart Phones Moana-AL00B with versions earlier than 10.1.0.166 have a missing initialization of resource vulnerability. An attacker tricks the user into installing then running a crafted application. Due to improper initialization of specific parameters, successful exploit of this vulnerability may cause device exceptions.
|
|||||
| CVE-2020-9226 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verification vulnerability. The system does not improper check signature of specific software package, an attacker may exploit this vulnerability to load a crafted software package to the device.
|
|||||
| CVE-2020-9225 | 1 Huawei | 1 Fusionsphere Openstack | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege.
|
|||||
| CVE-2020-9223 | 1 Huawei | 8 Honor 20 Pro, Honor 20 Pro Firmware, Princeton-al10d and 5 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service (DoS) on the specific module.
|
|||||
| CVE-2020-9213 | 1 Huawei | 16 Ngfw Module, Ngfw Module Firmware, Nip6300 and 13 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft many specific packets. Successful exploit may cause some services to be abnormal. Affected products include some versions of NGFW Module, NIP6300, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, Secospace USG6600 and SG9500.
|
|||||
| CVE-2020-9212 | 1 Huawei | 2 Usg9500, Usg9500 Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
There is a vulnerability in some version of USG9500 that the device improperly handles the information when a user logs in to device. The attacker can exploit the vulnerability to perform some operation and can get information and cause information leak.
|
|||||
| CVE-2020-9209 | 1 Huawei | 2 Smc2.0, Smc2.0 Firmware | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this vulnerability by crafting malicious file to launch privilege escalation. This can compromise normal service of affected products.
|
|||||
| CVE-2020-9208 | 1 Huawei | 1 Imanager Neteco 6000 | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain extra information, leading to information leak.
|
|||||
| CVE-2020-9207 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service.
|
|||||
| CVE-2020-9206 | 1 Huawei | 2 Eudc660, Eudc660 Firmware | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the device, as a result, the key file can be obtained and data can be decrypted, affecting confidentiality, integrity, and availability of the device.
|
|||||
| CVE-2020-9205 | 1 Huawei | 1 Manageone | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
There has a CSV injection vulnerability in ManageOne 8.0.1. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.
|
|||||
| CVE-2020-9203 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience.
|
|||||
| CVE-2020-9202 | 1 Huawei | 1 Te Mobile | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100. Due to the improper storage of some information in certain specific scenario, the attacker can gain information in the victim's device to launch the attack, successful exploit could cause information disclosure.
|
|||||
| CVE-2020-9201 | 1 Huawei | 6 Nip6800, Nip6800 Firmware, Secospace Usg6600 and 3 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. The software reads data past the end of the intended buffer when parsing DHCP messages including crafted parameter. Successful exploit could cause certain service abnormal.
|
|||||
| CVE-2020-9200 | 1 Huawei | 1 Imanager Neteco 6000 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker with common privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.
|
|||||
| CVE-2020-9199 | 1 Huawei | 6 B2368-22, B2368-22 Firmware, B2368-57 and 3 more | 2024-11-21 | 7.7 HIGH | 6.8 MEDIUM |
|
B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the LAN. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device.
|
|||||
| CVE-2020-9158 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr.
|
|||||
| CVE-2020-9149 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
An application error verification vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to modify and delete user SMS messages.
|
|||||
| CVE-2020-9148 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to delete user SMS messages.
|
|||||
| CVE-2020-9147 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
|
A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers may exploit this vulnerability by carefully constructing attack scenarios to cause out-of-bounds read.
|
|||||
| CVE-2020-9146 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 1.9 LOW | 5.5 MEDIUM |
|
A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios.
|
|||||
| CVE-2020-9145 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory.
|
|||||
| CVE-2020-9144 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnerability to cause heap overflows due to improper restriction of operations within the bounds of a memory buffer.
|
|||||
| CVE-2020-9143 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure.
|
|||||
| CVE-2020-9142 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file.
|
|||||
| CVE-2020-9141 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity.
|
|||||
| CVE-2020-9140 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs.
|
|||||
| CVE-2020-9139 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service.
|
|||||
| CVE-2020-9138 | 1 Huawei | 2 Emui, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating.
|
|||||
| CVE-2020-9137 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
|
There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation.
|
|||||