Skip to main content

Huawei

Vendor security scorecard – 6 CVEs in the selected period

Period: 30d 90d 6m 1y All
Risk 16
6
CVEs
0
Critical
2
High
0
KEV
1
PoC
1
Unpatched C/H
83.3%
Patch Rate
0.0%
Avg EPSS

Severity Breakdown

CRITICAL
0
HIGH
2
MEDIUM
4
LOW
0

Monthly CVE Trend

Top Risky CVEs

CVE Summary Severity CVSS EPSS Priority Signals
CVE-2020-37220 Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain administrative access by retrieving the device serial number. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. HIGH 8.7 0.1% 64
PoC No patch
CVE-2023-53215 In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balancer tries to balance a migration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. HIGH 7.8 0.0% 39
CVE-2025-39782 In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2_log_do_checkpoint() Both jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. MEDIUM 5.5 0.0% 38
CVE-2026-31767 Division-by-zero denial of service in Linux kernel's Intel i915 DRM driver when loading on certain machines with DSC (Display Stream Compression) enabled in command mode. The driver incorrectly applies horizontal timing adjustments based on compression ratio in command mode, causing line_time_us to become zero and triggering a kernel panic. Affects Linux kernel versions 5.6 and later; patch available via stable kernel releases. MEDIUM 5.5 0.0% 28
CVE-2026-31466 A race condition in Linux kernel memory management causes folio objects to be accessed without proper locking during concurrent mega-transparent huge page (mTHP) splitting and zap operations on arm64, triggering a denial-of-service condition via VM_WARN_ON_ONCE() panic when the missing memory barrier allows CPU reordering to expose unlocked folio state. The vulnerability affects Linux kernel versions before 5.10.253, 5.15.203, 6.1.168, 6.6.134, 6.12.81, 6.18.21, 6.19.11, and 7.0 with EPSS score of 0.02% indicating low real-world exploitation likelihood despite moderate CVSS impact rating. MEDIUM 4.7 0.0% 24
CVE-2025-39725 In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix hwpoisoned large folio handling in shrink_folio_list In shrink_folio_list(), the hwpoisoned folio may be large. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer. MEDIUM 5.5 0.0% –

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy