Manageone
Monthly
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.
There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
There is a multiple threads race condition vulnerability in Huawei product. Rated medium severity (CVSS 4.1). No vendor patch available.
There is a denial of service vulnerability in some versions of ManageOne. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.
There is a denial of service vulnerability in some versions of ManageOne. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a local privilege escalation vulnerability in some versions of ManageOne. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
There is an improper permission assignment vulnerability in Huawei ManageOne product. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a local privilege escalation vulnerability in some Huawei products. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
There is a logic vulnerability in Huawei Gauss100 OLTP Product. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a double free vulnerability in some Huawei products. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.
There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
There is a multiple threads race condition vulnerability in Huawei product. Rated medium severity (CVSS 4.1). No vendor patch available.
There is a denial of service vulnerability in some versions of ManageOne. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.
There is a denial of service vulnerability in some versions of ManageOne. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a local privilege escalation vulnerability in some versions of ManageOne. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
There is an improper permission assignment vulnerability in Huawei ManageOne product. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Some Huawei products have an inconsistent interpretation of HTTP requests vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
There is a local privilege escalation vulnerability in some Huawei products. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
There is a logic vulnerability in Huawei Gauss100 OLTP Product. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
There is a double free vulnerability in some Huawei products. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.