Skip to main content

Huawei

803 CVEs vendor

Monthly

CVE-2018-7946 MEDIUM This Month

There is an information leak vulnerability in some Huawei smartphones. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Honor 7A Firmware Honor 9 Lite Firmware
NVD
CVSS 3.0
4.3
EPSS
0.3%
CVE-2018-7926 MEDIUM This Month

Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Watch 2 Firmware
NVD
CVSS 3.0
4.6
EPSS
0.2%
CVE-2018-7925 MEDIUM This Month

The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Emily Al00A Firmware
NVD
CVSS 3.0
6.8
EPSS
0.2%
CVE-2018-7910 MEDIUM This Month

Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432),. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Alp Al00B Firmware Alp Tl00B Firmware Bla Al00B Firmware +2
NVD
CVSS 3.0
6.8
EPSS
0.3%
CVE-2018-7911 MEDIUM This Month

Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00),. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Huawei Alp Al00B Firmware Alp Al00B Rsc Firmware +3
NVD
CVSS 3.0
4.6
EPSS
0.2%
CVE-2018-7989 MEDIUM This Month

Huawei Mate 10 pro smartphones with the versions before BLA-AL00B 8.1.0.326(C00) have an improper authentication vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate 10 Pro Firmware
NVD
CVSS 3.0
4.6
EPSS
0.2%
CVE-2018-7924 LOW Monitor

Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Anne Al00 Firmware
NVD
CVSS 3.0
2.4
EPSS
0.2%
CVE-2018-7928 MEDIUM This Month

There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei My Cloud
NVD
CVSS 3.0
4.6
EPSS
0.3%
CVE-2018-7907 MEDIUM This Month

Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Agassi L09 Firmware Agassi W09 Firmware Baggio2 U01A Firmware +16
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-7991 MEDIUM This Month

Huawei smartphones Mate10 with versions earlier before ALP-AL00B 8.0.0.110(C00) have a Factory Reset Protection (FRP) bypass vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate10 Firmware
NVD
CVSS 3.0
4.6
EPSS
0.2%
CVE-2018-7929 MEDIUM This Month

Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate Rs Firmware
NVD
CVSS 3.0
6.8
EPSS
0.2%
CVE-2018-7939 MEDIUM This Month

Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 with the versions before VNS-L53C605B120CUSTC605D103, the versions before CAM-L03C605B143CUSTC605D008, the versions before CAM-L21C10B145, the. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei G9 Lite Firmware Honor 5A Firmware Honor 5A +2
NVD
CVSS 3.0
4.6
EPSS
0.2%
CVE-2018-7923 HIGH This Week

Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei RCE Alp L09 Firmware
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2018-7922 HIGH This Week

Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei RCE Alp L09 Firmware
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2018-7921 MEDIUM POC THREAT This Month

Huawei B315s-22 products with software of 21.318.01.00.26 have an information leak vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Huawei Information Disclosure B315S 22 Firmware
NVD Exploit-DB
CVSS 3.0
6.5
EPSS
13.2%
CVE-2018-7906 MEDIUM This Month

Some Huawei smart phones with software of Leland-AL00 8.0.0.114(C636), Leland-AL00A 8.0.0.171(C00) have a denial of service (DoS) vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Leland Al00 Firmware Lleland Al00A Firmware
NVD
CVSS 3.0
5.5
EPSS
0.6%
CVE-2018-7990 MEDIUM This Month

Mate10 Pro Huawei smart phones with the versions before 8.1.0.326(C00) have a FRP bypass vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate 10 Pro Firmware
NVD
CVSS 3.0
4.6
EPSS
0.2%
CVE-2018-7938 LOW Monitor

P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 have an information leak vulnerability due to the lack of permission validation. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure P10 Firmware
NVD
CVSS 3.0
3.3
EPSS
0.5%
CVE-2018-7937 HIGH This Week

In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Hirouter Cd20 Firmware Ws5200 10 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2018-7936 MEDIUM This Month

Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate 10 Pro Firmware
NVD
CVSS 3.0
4.6
EPSS
0.2%
CVE-2018-7994 HIGH This Week

Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Ips Module Ngfw Module Nip6300 +4
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2018-7993 HIGH This Week

HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei RCE Use After Free Denial Of Service Memory Corruption +1
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2018-7992 MEDIUM This Month

Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 Pro versions earlier than 8.0.0.356(C00); P10 Plus versions earlier than 8.0.0.357(C00) has a buffer overflow vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Buffer Overflow Mediapad M3 Firmware Mate 9 Pro Firmware +2
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2018-7957 LOW Monitor

Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Huawei Victoria Al00 Firmware
NVD
CVSS 3.0
3.3
EPSS
0.2%
CVE-2018-7947 LOW Monitor

Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Huawei Emily Al00A Firmware
NVD
CVSS 3.0
3.9
EPSS
0.2%
CVE-2018-7934 MEDIUM This Month

Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C432) have a denial of service (DoS) vulnerability because they do not adapt to specific screen gestures. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Mate 10 Pro Firmware
NVD
CVSS 3.0
5.5
EPSS
0.6%
CVE-2018-7944 MEDIUM This Month

Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Emily Al00A Firmware
NVD
CVSS 3.0
6.8
EPSS
0.3%
CVE-2018-7943 HIGH This Week

There is an authentication bypass vulnerability in some Huawei servers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Huawei 1288H V5 Firmware 2288H V5 Firmware 2488 V5 Firmware +17
NVD
CVSS 3.0
8.8
EPSS
1.2%
CVE-2018-7976 MEDIUM This Month

There is a stored cross-site scripting (XSS) vulnerability in Huawei eSpace Desktop V300R001C00 and V300R001C50 version. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Huawei Espace Desktop
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-7951 HIGH This Week

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Huawei 1288H V5 Firmware 2288H V5 Firmware +18
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2018-7950 HIGH This Week

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Huawei 1288H V5 Firmware 2288H V5 Firmware +18
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2018-7949 HIGH This Week

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Huawei 1288H V5 Firmware 2288H V5 Firmware +18
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-7942 HIGH This Week

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei 1288H V5 Firmware 2288H V5 Firmware 2488 V5 Firmware +4
NVD
CVSS 3.0
7.5
EPSS
1.6%
CVE-2018-7904 HIGH This Week

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei 1288H V5 Firmware 2288H V5 Firmware
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-7903 HIGH This Week

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei 1288H V5 Firmware 2288H V5 Firmware
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-7902 HIGH This Week

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei 1288H V5 Firmware 2288H V5 Firmware
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-7941 HIGH This Week

Huawei iBMC V200R002C60 have an authentication bypass vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Ch121 V3 Firmware Ch121L V3 Firmware Ch140 V3 Firmware +17
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2018-7940 MEDIUM This Month

Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate 9 Firmware Mate 9 Pro Firmware
NVD
CVSS 3.0
6.2
EPSS
0.3%
CVE-2018-7933 HIGH This Week

Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation Huawei Path Traversal Hirouter Cd20 Firmware +1
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2018-7901 MEDIUM This Month

RCS module in Huawei ALP-AL00B smart phones with software versions earlier than 8.0.0.129, BLA-AL00B smart phones with software versions earlier than 8.0.0.129 has a remote control vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Alp Al00B Firmware Bla Al00B Firmware
NVD
CVSS 3.0
4.4
EPSS
0.5%
CVE-2018-7932 HIGH This Week

Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Appgallery
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2018-7931 MEDIUM This Month

Huawei AppGallery versions before 8.0.4.301 has a whitelist mechanism bypass vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Appgallery
NVD
CVSS 3.0
4.3
EPSS
0.7%
CVE-2018-7920 HIGH This Week

Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300, AR3200 V200R006C10SPC300 devices have an improper resource management vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Ar1200 Firmware Ar160 Firmware Ar200 Firmware +2
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2018-7899 MEDIUM This Month

The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00),. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Berkeley Al20 Firmware Berkeley Bd Firmware
NVD
CVSS 3.0
5.5
EPSS
0.6%
CVE-2018-7930 MEDIUM This Month

The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Mate 9 Firmware
NVD
CVSS 3.0
5.7
EPSS
0.4%
CVE-2017-15328 HIGH This Week

Huawei HG8245H version earlier than V300R018C00SPC110 has an authentication bypass vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Information Disclosure Hg8245H Firmware
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-15324 HIGH This Week

Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure S5700 Firmware S6700 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-15322 MEDIUM This Month

Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 and BGO-L03C331B009CUSTC331D001 have a DoS vulnerability due to insufficient input validation. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Baggio L03A Firmware
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-15321 LOW Monitor

Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) has an information leak vulnerability due to the use of a low version transmission protocol by default. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Information Disclosure Fusionsphere Openstack
NVD
CVSS 3.0
3.7
EPSS
0.1%
CVE-2017-15320 HIGH This Week

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Rp200 Firmware Te30 Firmware +3
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-15319 HIGH This Week

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Rp200 Firmware Te30 Firmware +3
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-15318 HIGH This Week

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Rp200 Firmware Te30 Firmware +3
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2017-15317 HIGH This Week

AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Ar120 S Firmware Ar1200 Firmware +13
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-15316 HIGH This Week

The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334(C00) has a memory double free. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Huawei Mate 9 Firmware Mate 9 Pro Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-15313 HIGH This Week

Huawei SmartCare V200R003C10 has a CSV injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei Smartcare
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-15312 MEDIUM This Month

Huawei SmartCare V200R003C10 has a stored XSS (cross-site scripting) vulnerability in the dashboard module. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Huawei Smartcare
NVD
CVSS 3.0
5.4
EPSS
0.1%
CVE-2017-15311 HIGH This Week

The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Denial Of Service Mate 10 Firmware +3
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-15310 MEDIUM This Month

Huawei iReader app before 8.0.2.301 has an arbitrary file deletion vulnerability due to the lack of input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Ireader
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-15309 HIGH This Week

Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Huawei Ireader
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2017-15308 HIGH This Week

Huawei iReader app before 8.0.2.301 has an input validation vulnerability due to insufficient validation on the URL used for loading network data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Ireader
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-15307 LOW Monitor

Huawei Honor 8 smartphone with software versions earlier than FRD-L04C567B389 and earlier than FRD-L14C567B389 have a permission control vulnerability due to improper authorization configuration on. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Honor 8 Firmware
NVD
CVSS 3.0
2.3
EPSS
0.0%
CVE-2014-8358 HIGH POC This Week

Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Huawei Information Disclosure Ec156 Firmware Ec176 Firmware Ec177 Firmware
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
0.8%
CVE-2017-8216 MEDIUM This Month

Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Google Authentication Bypass P10 Lite Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8215 MEDIUM This Month

Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Huawei Honor 8 Firmware Honor V8 Firmware Honor 9 Firmware +6
NVD
CVSS 3.0
6.2
EPSS
0.0%
CVE-2017-8214 MEDIUM This Month

Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Huawei Authentication Bypass Honor 8 Firmware Honor V8 Firmware Honor 9 Firmware +6
NVD
CVSS 3.0
6.2
EPSS
0.0%
CVE-2017-8213 MEDIUM This Month

Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Smc2 0 Firmware
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2017-8212 HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8211 HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8210 HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8209 HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8208 HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8207 HIGH This Week

The driver of honor 5C, honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8205 HIGH This Week

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Huawei Honor 9 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8204 HIGH This Week

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Honor 9 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8203 HIGH This Week

The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Huawei +2
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-8202 MEDIUM This Month

The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Prague Al00A Firmware Prague Al00B Firmware Prague Al00C Firmware +2
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8186 MEDIUM This Month

The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Mha Al00A
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8184 MEDIUM This Month

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8183 MEDIUM This Month

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8182 MEDIUM This Month

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a out-of-bound read vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
6.1
EPSS
0.1%
CVE-2017-8181 HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerability.Due to the insufficient input verification,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8180 HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8179 HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8178 MEDIUM This Month

Huawei Email APP Vicky-AL00 smartphones with software of earlier than VKY-AL00C00B171 versions has a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Huawei Vicky Al00 Firmware
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-8177 MEDIUM This Month

Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Huawei Jwt Attack Hiwallet
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2017-8175 MEDIUM This Month

The Bastet of some Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions, earlier than Victoria-AL00AC00B167 versions, earlier than Warsaw-AL00C00B191 versions has an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Vicky Al00A Victoria Al00A Warsaw Al00
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2017-8174 HIGH This Week

Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Secospace Usg6300 Firmware Secospace Usg6600 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.1%
CVE-2017-8171 MEDIUM This Month

Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Huawei Information Disclosure P10 Plus Firmware
NVD
CVSS 3.0
4.6
EPSS
0.0%
CVE-2017-8170 HIGH This Week

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Vie L09 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8169 HIGH This Week

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Vie L09 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
EPSS 0% CVSS 4.3
MEDIUM This Month

There is an information leak vulnerability in some Huawei smartphones. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Honor 7A Firmware +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Watch 2 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Emily Al00A Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432),. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Alp Al00B Firmware +4
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00),. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Huawei +5
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Huawei Mate 10 pro smartphones with the versions before BLA-AL00B 8.1.0.326(C00) have an improper authentication vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate 10 Pro Firmware
NVD
EPSS 0% CVSS 2.4
LOW Monitor

Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Anne Al00 Firmware
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei My Cloud
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Agassi L09 Firmware +18
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Huawei smartphones Mate10 with versions earlier before ALP-AL00B 8.0.0.110(C00) have a Factory Reset Protection (FRP) bypass vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate10 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate Rs Firmware
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 with the versions before VNS-L53C605B120CUSTC605D103, the versions before CAM-L03C605B143CUSTC605D008, the versions before CAM-L21C10B145, the. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei G9 Lite Firmware +4
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei RCE Alp L09 Firmware
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Huawei ALP-L09 smart phones with versions earlier than ALP-L09 8.0.0.150(C432) have an insufficient input validation vulnerability due to lack of parameter check. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei RCE Alp L09 Firmware
NVD
EPSS 13% CVSS 6.5
MEDIUM POC THREAT This Month

Huawei B315s-22 products with software of 21.318.01.00.26 have an information leak vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Huawei Information Disclosure B315S 22 Firmware
NVD Exploit-DB
EPSS 1% CVSS 5.5
MEDIUM This Month

Some Huawei smart phones with software of Leland-AL00 8.0.0.114(C636), Leland-AL00A 8.0.0.171(C00) have a denial of service (DoS) vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Leland Al00 Firmware +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Mate10 Pro Huawei smart phones with the versions before 8.1.0.326(C00) have a FRP bypass vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate 10 Pro Firmware
NVD
EPSS 1% CVSS 3.3
LOW Monitor

P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 have an information leak vulnerability due to the lack of permission validation. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure P10 Firmware
NVD
EPSS 1% CVSS 7.8
HIGH This Week

In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Hirouter Cd20 Firmware +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate 10 Pro Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Some Huawei products IPS Module V500R001C50; NGFW Module V500R001C50; V500R002C10; NIP6300 V500R001C50; NIP6600 V500R001C50; NIP6800 V500R001C50; Secospace USG6600 V500R001C50; USG9500 V500R001C50. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Ips Module +6
NVD
EPSS 1% CVSS 7.8
HIGH This Week

HUAWEI Mate 10 smartphones with versions earlier than ALP-AL00 8.1.0.311 have a use after free vulnerability on mediaserver component. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei RCE Use After Free +3
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 Pro versions earlier than 8.0.0.356(C00); P10 Plus versions earlier than 8.0.0.357(C00) has a buffer overflow vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Buffer Overflow +4
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Huawei Victoria Al00 Firmware
NVD
EPSS 0% CVSS 3.9
LOW Monitor

Huawei mobile phones with versions earlier before Emily-AL00A 8.1.0.153(C00) have an authentication bypass vulnerability. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Huawei Emily Al00A Firmware
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C432) have a denial of service (DoS) vulnerability because they do not adapt to specific screen gestures. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Mate 10 Pro Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Emily Al00A Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

There is an authentication bypass vulnerability in some Huawei servers. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Huawei 1288H V5 Firmware +19
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

There is a stored cross-site scripting (XSS) vulnerability in Huawei eSpace Desktop V300R001C00 and V300R001C50 version. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Huawei Espace Desktop
NVD
EPSS 2% CVSS 8.8
HIGH This Week

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Huawei +20
NVD
EPSS 2% CVSS 8.8
HIGH This Week

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Huawei +20
NVD
EPSS 1% CVSS 8.8
HIGH This Week

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Huawei +20
NVD
EPSS 2% CVSS 7.5
HIGH This Week

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei 1288H V5 Firmware +6
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei 1288H V5 Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei 1288H V5 Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei 1288H V5 Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Huawei iBMC V200R002C60 have an authentication bypass vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Ch121 V3 Firmware +19
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Huawei Mate 9 Firmware +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation Huawei +3
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

RCS module in Huawei ALP-AL00B smart phones with software versions earlier than 8.0.0.129, BLA-AL00B smart phones with software versions earlier than 8.0.0.129 has a remote control vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Alp Al00B Firmware +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Appgallery
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Huawei AppGallery versions before 8.0.4.301 has a whitelist mechanism bypass vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Appgallery
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300, AR3200 V200R006C10SPC300 devices have an improper resource management vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Ar1200 Firmware +4
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00),. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Berkeley Al20 Firmware +1
NVD
EPSS 0% CVSS 5.7
MEDIUM This Month

The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data. Rated medium severity (CVSS 5.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Mate 9 Firmware
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Huawei HG8245H version earlier than V300R018C00SPC110 has an authentication bypass vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Information Disclosure +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure S5700 Firmware +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 and BGO-L03C331B009CUSTC331D001 have a DoS vulnerability due to insufficient input validation. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Baggio L03A Firmware
NVD
EPSS 0% CVSS 3.7
LOW Monitor

Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) has an information leak vulnerability due to the use of a low version transmission protocol by default. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Huawei Information Disclosure Fusionsphere Openstack
NVD
EPSS 0% CVSS 7.5
HIGH This Week

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure +5
NVD
EPSS 0% CVSS 7.5
HIGH This Week

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure +5
NVD
EPSS 0% CVSS 7.5
HIGH This Week

RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, V600R006C00; TE40 V500R002C00, V600R006C00; TE50 V500R002C00, V600R006C00; TE60 V100R001C10, V500R002C00, V600R006C00 have an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure +5
NVD
EPSS 0% CVSS 7.5
HIGH This Week

AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure +15
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334(C00) and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334(C00) has a memory double free. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Huawei Mate 9 Firmware +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Huawei SmartCare V200R003C10 has a CSV injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei Smartcare
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Huawei SmartCare V200R003C10 has a stored XSS (cross-site scripting) vulnerability in the dashboard module. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Huawei Smartcare
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei +5
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Huawei iReader app before 8.0.2.301 has an arbitrary file deletion vulnerability due to the lack of input validation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Ireader
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Huawei Ireader
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Huawei iReader app before 8.0.2.301 has an input validation vulnerability due to insufficient validation on the URL used for loading network data. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Ireader
NVD
EPSS 0% CVSS 2.3
LOW Monitor

Huawei Honor 8 smartphone with software versions earlier than FRD-L04C567B389 and earlier than FRD-L14C567B389 have a permission control vulnerability due to improper authorization configuration on. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Honor 8 Firmware
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Huawei Information Disclosure Ec156 Firmware +2
NVD Exploit-DB
EPSS 0% CVSS 5.5
MEDIUM This Month

Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Google Authentication Bypass +1
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Huawei Honor 8 Firmware +8
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, versions earlier than FRD-DL00C00B391, versions. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Huawei Authentication Bypass Honor 8 Firmware +8
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Smc2 0 Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The driver of honor 5C, honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Huawei +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,versions earlier than. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Prague Al00A Firmware +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Mha Al00A
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Mtk Platform Smart Phone Firmware
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Mtk Platform Smart Phone Firmware
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a out-of-bound read vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerability.Due to the insufficient input verification,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Huawei Email APP Vicky-AL00 smartphones with software of earlier than VKY-AL00C00B171 versions has a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Huawei Vicky Al00 Firmware
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Huawei Jwt Attack +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The Bastet of some Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions, earlier than Victoria-AL00AC00B167 versions, earlier than Warsaw-AL00C00B191 versions has an. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Vicky Al00A +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Secospace Usg6300 Firmware +1
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Huawei Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei +1
NVD
Prev Page 6 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy