Filtered by vendor Huawei
Subscribe
Total
2259 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5368 | 1 Huawei | 2 Ar3200, Ar3200 Firmware | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS) packets. | |||||
| CVE-2016-6158 | 1 Huawei | 2 Ws331a Router, Ws331a Router Firmware | 2025-04-12 | 7.1 HIGH | 6.1 MEDIUM |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allow remote attackers to hijack the authentication of administrators for requests that (1) restore factory settings or (2) reboot the device via unspecified vectors. | |||||
| CVE-2016-8277 | 1 Huawei | 3 Usg9520, Usg9560, Usg9580 | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| Huawei USG9520, USG9560, and USG9580 unified security gateways with software before V300R001C01SPCa00 allow remote authenticated users to cause a denial of service (device restart) via an unspecified command parameter. | |||||
| CVE-2016-4005 | 1 Huawei | 1 Hilink App | 2025-04-12 | 7.5 HIGH | 5.5 MEDIUM |
| The Huawei Hilink App application before 3.19.2 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008. | |||||
| CVE-2016-4087 | 1 Huawei | 4 S12700, S12700 Firmware, S5700 and 1 more | 2025-04-12 | 5.1 MEDIUM | 8.1 HIGH |
| Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of service or execute arbitrary code via crafted DNS packets. | |||||
| CVE-2015-8331 | 1 Huawei | 1 Vcn500 | 2025-04-12 | 5.8 MEDIUM | 7.4 HIGH |
| The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 does not properly invalidate the session ID when an "abnormal exit" occurs, which allows remote attackers to conduct replay attacks via the session ID. | |||||
| CVE-2015-8318 | 1 Huawei | 4 Mate S, Mate S Firmware, P8 and 1 more | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8319. | |||||
| CVE-2016-7109 | 1 Huawei | 1 Uma | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7110. | |||||
| CVE-2016-6826 | 1 Huawei | 1 Anyoffice Secureapp | 2025-04-12 | 7.1 HIGH | 6.5 MEDIUM |
| Huawei AnyMail before 2.6.0301.0060 allows remote attackers to cause a denial of service (application crash) via a crafted compressed email attachment. | |||||
| CVE-2014-9415 | 1 Huawei | 1 Espace Desktop | 2025-04-12 | 1.9 LOW | N/A |
| Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file. | |||||
| CVE-2016-6827 | 1 Huawei | 1 Fusioncompute | 2025-04-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| Huawei FusionCompute before V100R005C10CP7002 stores cleartext AES keys in a file, which allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2016-5365 | 1 Huawei | 2 Honor Ws851, Honor Ws851 Firmware | 2025-04-12 | 10.0 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in Huawei Honor WS851 routers with software 1.1.21.1 and earlier allows remote attackers to execute arbitrary commands with root privileges via unspecified vectors, aka HWPSIRT-2016-05051. | |||||
| CVE-2014-5328 | 1 Huawei | 2 E5332, E5332 Firmware | 2025-04-12 | 6.8 MEDIUM | N/A |
| Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allows remote authenticated users to cause a denial of service (reboot) via a long parameter in an API service request message. | |||||
| CVE-2015-8085 | 1 Huawei | 14 Ar, Ar Firmware, Quidway S5300 and 11 more | 2025-04-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 make it easier for remote authenticated administrators to obtain and decrypt passwords by leveraging selection of a reversible encryption algorithm. | |||||
| CVE-2014-4190 | 1 Huawei | 13 Campus Lsw S9700, Campus S2350, Campus S2750 and 10 more | 2025-04-12 | 7.8 HIGH | N/A |
| Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6700, S5300, and S6300 with software V200R002 before V200R002SPH005; S7700, S9300, S9300E, S5300, S5700, S6300, S6700, S2350, S2750, and LSW S9700 with software V200R003 before V200R003SPH005; and S7700, S9300, S9300E, and LSW S9700 with software V200R005 before V200R005C00SPC300 allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet. | |||||
| CVE-2015-8083 | 1 Huawei | 7 Espace Firmware, Espace Unified Gateway U1910, Espace Unified Gateway U1911 and 4 more | 2025-04-12 | 7.8 HIGH | N/A |
| An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout messages, which allows remote attackers to cause a denial of service (out-of-bounds memory access and device restart) via unknown vectors. | |||||
| CVE-2016-4086 | 1 Huawei | 1 Hisuite | 2025-04-12 | 2.9 LOW | 5.3 MEDIUM |
| Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors. | |||||
| CVE-2015-7254 | 1 Huawei | 3 Hg532e, Hg532n, Hg532s | 2025-04-12 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI. | |||||
| CVE-2014-8331 | 1 Huawei | 2 E3236 Firmware, E3276 Firmware | 2025-04-12 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3236 before E3276sTCPU-V200R002B470D13SP00C00 and E3276sWebUI-V100R007B100D03SP01C03 and E3276 before E3236sTCPU-V200R002B146D41SP00C00 and E3236sWebUI-V100R007B100D03SP01C03 allow remote attackers to hijack the authentication of administrators for requests that (1) change configuration settings or (2) use device functions. | |||||
| CVE-2016-1495 | 1 Huawei | 2 Mate S, Mate S Firmware | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, which triggers a heap-based buffer overflow. | |||||