Skip to main content
CVE-2017-2729 HIGH This Week

The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Honor 5A Firmware P8 Lite Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2725 HIGH This Week

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google P10 Firmware P10 Plus Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2699 HIGH This Week

The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Huawei File Upload Honor 7 Firmware Mate S Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8180 HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8179 HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8141 HIGH This Week

The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google P10 Plus Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8140 HIGH This Week

The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE P9 Plus Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8181 HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerability.Due to the insufficient input verification,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8150 HIGH This Week

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei P10 Firmware +3
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8205 HIGH This Week

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Huawei Honor 9 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2716 HIGH This Week

The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 has buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Privilege Escalation Mate 9 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2697 HIGH This Week

The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Gt3 Firmware Honor 5C Firmware Knt Firmware +2
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2696 HIGH This Week

The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has a buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Y6Ii Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2698 HIGH This Week

The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google P8 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8137 HIGH This Week

HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hedex Lite
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-7501 HIGH PATCH This Week

It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Privilege Escalation Rpm
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2715 HIGH This Week

The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Files
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-8192 HIGH This Week

FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Fusionsphere Openstack
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-8185 HIGH This Week

ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Information Disclosure Me906S 158 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-8197 HIGH This Week

FusionSphere V100R006C00SPC102(NFV) has a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Fusionsphere
NVD
CVSS 3.0
7.2
EPSS
1.9%
CVE-2017-8863 HIGH This Week

Information disclosure of .esp source code on the Cohu 3960 allows an attacker to view sensitive information such as application logic with a simple web browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 3960Hd Firmware
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-8167 HIGH This Week

Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability.A remote attacker who controls the peer device could exploit the vulnerability by sending malformed IKE packets to the target. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Usg9500 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-2700 HIGH This Week

AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ac6005 Firmware Ac6605 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-8147 HIGH This Week

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ac6005 Firmware Ac6605 Firmware Ar1200 Firmware Ar200 Firmware +19
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-2704 HIGH This Week

Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.12 and earlier versions,Crowdtest 1.5.3 and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Smarthome Hiapp Hwparentcontrol +11
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2017-8174 HIGH This Week

Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Secospace Usg6300 Firmware Secospace Usg6600 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-2736 HIGH This Week

VCM5010 with software versions earlier before V100R002C50SPC100 has a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Vcm5010 Firmware
NVD
CVSS 3.0
7.2
EPSS
1.2%
CVE-2017-8188 HIGH This Week

FusionSphere OpenStack V100R006C00SPC102(NFV)has a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Fusionsphere Openstack
NVD
CVSS 3.0
7.2
EPSS
0.5%
CVE-2017-8198 HIGH This Week

FusionSphere V100R006C00SPC102(NFV) has an SQL injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Fusionsphere
NVD
CVSS 3.0
7.2
EPSS
0.2%
CVE-2017-2706 HIGH This Week

Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Mate 9 Firmware
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2017-8153 HIGH This Week

Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Huawei Information Disclosure Vmall
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2017-2735 HIGH This Week

TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system interface vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Y6 Pro Firmware
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2017-2707 HIGH This Week

Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Mate 9 Firmware
NVD
CVSS 3.0
7.1
EPSS
0.0%
CVE-2017-2691 MEDIUM This Month

Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier before EVA-TL00C01B373 have a lock-screen bypass. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei P9 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-8156 MEDIUM This Month

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass B2338 168 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-8151 MEDIUM This Month

Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design of some components. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Honor 5S Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-8206 MEDIUM This Month

HONOR 7 Lite mobile phones with software of versions earlier than NEM-L21C432B352 have an App Lock bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Honor 7 Lite Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-8166 MEDIUM This Month

Huawei mobile phones Honor V9 with the software versions before Duke-AL20C00B195 have an App Lock bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Honor V9 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-2703 MEDIUM This Month

Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions earlier before MHA-TL00BC00B156,Versions earlier. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mate 9 Firmware P9 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-2702 MEDIUM This Month

Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mate 9 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.0%
CVE-2017-12172 MEDIUM This Month

PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE PostgreSQL
NVD
CVSS 3.0
6.7
EPSS
0.1%
CVE-2017-8190 MEDIUM This Month

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Jwt Attack Fusionsphere Openstack
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2017-2723 MEDIUM This Month

The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Huawei Information Disclosure Files
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2017-8162 MEDIUM This Month

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Ar120 S Firmware Ar1200 Firmware Ar1200 S Firmware Ar150 Firmware +13
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-8860 MEDIUM This Month

Information disclosure through directory listing on the Cohu 3960HD allows an attacker to view and download source code, log files, and other sensitive device information via a specially crafted web. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure 3960Hd Firmware
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-8201 MEDIUM This Month

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an a memory leak vulnerability in H323 protocol. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Max Presence Firmware Tp3106 Firmware Tp3206 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-8200 MEDIUM This Month

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Max Presence Firmware Tp3106 Firmware Tp3206 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-8199 MEDIUM This Month

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Max Presence Firmware Tp3106 Firmware Tp3206 Firmware
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-8163 MEDIUM This Month

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Ar120 S Firmware Ar1200 Firmware Ar1200 S Firmware +14
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2017-8130 MEDIUM This Month

The UMA product with software V200R001 and V300R001 has an information leak vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Uma
NVD
CVSS 3.0
6.5
EPSS
0.1%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy