Filtered by vendor Huawei
Subscribe
Total
2106 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-3676 | 1 Huawei | 2 E3276s, E3276s Firmware | 2025-04-12 | 5.8 MEDIUM | 6.4 MEDIUM |
| Huawei E3276s USB modems with software before E3276s-150TCPU-V200R002B436D09SP00C00 allow man-in-the-middle attackers to intercept, spoof, or modify network traffic via unspecified vectors related to a fake network. | |||||
| CVE-2016-5231 | 1 Huawei | 2 Mate 8, Mate 8 Firmware | 2025-04-12 | 5.0 MEDIUM | 7.8 HIGH |
| Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete user data via a crafted app. | |||||
| CVE-2016-3677 | 1 Huawei | 2 Hilink App, Wear App | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| The Huawei Wear App application before 15.0.0.307 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008. | |||||
| CVE-2016-2314 | 1 Huawei | 2 Mt882, Mt882 Firmware | 2025-04-12 | 6.3 MEDIUM | 4.9 MEDIUM |
| GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to create a directory with a long name, and then using certain other commands. | |||||
| CVE-2016-6178 | 1 Huawei | 10 Cloudengine 12800, Cloudengine 12800 Firmware, Cx600 and 7 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Huawei NE40E and CX600 devices with software before V800R007SPH017; PTN 6900-2-M8 devices with software before V800R007SPH019; NE5000E devices with software before V800R006SPH018; and CloudEngine devices 12800 with software before V100R003SPH010 and V100R005 before V100R005SPH006 allow remote attackers with control plane access to cause a denial of service or execute arbitrary code via a crafted packet. | |||||
| CVE-2015-8088 | 1 Huawei | 4 Mate 7, Mate 7 Firmware, P8 and 1 more | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application. | |||||
| CVE-2016-8277 | 1 Huawei | 3 Usg9520, Usg9560, Usg9580 | 2025-04-12 | 6.8 MEDIUM | 6.5 MEDIUM |
| Huawei USG9520, USG9560, and USG9580 unified security gateways with software before V300R001C01SPCa00 allow remote authenticated users to cause a denial of service (device restart) via an unspecified command parameter. | |||||
| CVE-2015-8305 | 1 Huawei | 2 P7, P7 Firmware | 2025-04-12 | 7.1 HIGH | 5.5 MEDIUM |
| Huawei Sophia-L10 smartphones with software before P7-L10C900B852 allow attackers to cause a denial of service (system panic) via a crafted application with the system or camera privilege. | |||||
| CVE-2014-8359 | 1 Huawei | 4 Ec156, Ec176, Ec177 and 1 more | 2025-04-12 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll in the Mobile Partner directory. | |||||
| CVE-2016-8278 | 1 Huawei | 3 Usg9520, Usg9560, Usg9580 | 2025-04-12 | 7.8 HIGH | 7.5 HIGH |
| Huawei USG9520, USG9560, and USG9580 unified security gateways with software before V300R001C01SPCa00 allow remote attackers to cause a denial of service (device restart) via an unspecified URL. | |||||
| CVE-2015-8229 | 1 Huawei | 3 Espace Firmware, Espace Unified Gateway U2980, Espace Unified Gateway U2990 | 2025-04-12 | 4.0 MEDIUM | N/A |
| Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered device. | |||||
| CVE-2016-6839 | 1 Huawei | 1 Fusionaccess | 2025-04-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | |||||
| CVE-2014-5327 | 1 Huawei | 2 E5332, E5332 Firmware | 2025-04-12 | 6.8 MEDIUM | N/A |
| Buffer overflow in the Webserver component on the Huawei E5332 router before 21.344.27.00.1080 allows remote authenticated users to cause a denial of service (reboot) via a long URI. | |||||
| CVE-2014-9415 | 1 Huawei | 1 Espace Desktop | 2025-04-12 | 1.9 LOW | N/A |
| Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file. | |||||
| CVE-2016-6898 | 1 Huawei | 1 E9000 Chassis | 2025-04-12 | 4.9 MEDIUM | 6.6 MEDIUM |
| XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service (web service outage) via a crafted XML document. | |||||
| CVE-2016-3680 | 1 Huawei | 2 Mate 8, Mate 8 Firmware | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted application, aka HWPSIRT-2016-03020. | |||||
| CVE-2015-8087 | 1 Huawei | 6 Ne20e-s, Ne40e, Ne40e-m and 3 more | 2025-04-12 | 5.0 MEDIUM | N/A |
| Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and NE80E routers with software before V800R007C00SPC100 allows remote attackers to send packets to other VPNs and conduct flooding attacks via a crafted MPLS forwarding packet, aka a "VPN routing and forwarding (VRF) hopping vulnerability." | |||||
| CVE-2014-9134 | 1 Huawei | 2 Honor Cube Wireless Router Ws860s, Honor Cube Wireless Router Ws860s Firewall | 2025-04-12 | 10.0 HIGH | N/A |
| Unrestricted file upload vulnerability in Huawei Honor Cube Wireless Router WS860s before V100R001C02B222 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors. | |||||
| CVE-2015-8306 | 1 Huawei | 2 P8, P8 Firmware | 2025-04-12 | 9.3 HIGH | 7.8 HIGH |
| Buffer overflow in the HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 allows attackers to cause a denial of service (system crash) or execute arbitrary code via an unspecified parameter. | |||||
| CVE-2016-6669 | 1 Huawei | 8 Usg2100, Usg2100 Firmware, Usg2200 and 5 more | 2025-04-12 | 7.1 HIGH | 7.5 HIGH |
| Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet. | |||||