Vulnerabilities (CVE)

Filtered by vendor Huawei Subscribe
Total 2136 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-2710 1 Huawei 4 Beethoven-w09a, Beethoven-w09a Firmware, Crr-l09 and 1 more 2025-04-20 2.1 LOW 4.6 MEDIUM
BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed.
CVE-2016-8802 1 Huawei 6 Secospace Usg6300, Secospace Usg6300 Firmware, Secospace Usg6500 and 3 more 2025-04-20 6.8 MEDIUM 6.5 MEDIUM
The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system.
CVE-2016-6177 1 Huawei 2 Oceanstor 5800 V3, Oceanstor 5800 V3 Firmware 2025-04-20 4.0 MEDIUM 6.5 MEDIUM
The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability. An authenticated attacker may send massive abnormal Network File System (NFS) packets, causing an anomaly in specific disk arrays.
CVE-2014-9697 1 Huawei 6 Usg9520, Usg9520 Firmware, Usg9560 and 3 more 2025-04-20 7.8 HIGH 7.5 HIGH
Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote attackers to cause a memory leak or denial of service (memory exhaustion, reboot and MPU switchover) via a crafted website.
CVE-2017-8139 1 Huawei 1 Hedex Lite 2025-04-20 4.3 MEDIUM 6.1 MEDIUM
HedEx Earlier than V200R006C00 versions have the stored cross-site scripting (XSS) vulnerability. Attackers can exploit the vulnerability to plant malicious scripts into the configuration file to interrupt the services of legitimate users.
CVE-2017-2723 1 Huawei 1 Files 2025-04-20 2.1 LOW 6.7 MEDIUM
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to information leak.
CVE-2017-2700 1 Huawei 4 Ac6005, Ac6005 Firmware, Ac6605 and 1 more 2025-04-20 5.0 MEDIUM 7.5 HIGH
AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. An attacker can send malformed packets to the device, which causes the device memory leaks, leading to DoS attacks.
CVE-2015-2245 1 Huawei 2 P7-l09, P7-l09 Firmware 2025-04-20 5.0 MEDIUM 7.5 HIGH
Huawei Ascend P7 allows remote attackers to cause a denial of service (phone process crash).
CVE-2015-7844 1 Huawei 1 Fusionaccess 2025-04-20 7.8 HIGH 7.5 HIGH
Huawei FusionAccess with software V100R005C10,V100R005C20 could allow attackers to craft and send a malformed HDP protocol packet to cause the virtual cloud desktop to be displaying an error and not usable.
CVE-2017-8133 1 Huawei 1 Neteco 2025-04-20 6.5 MEDIUM 8.8 HIGH
Huawei iManager NetEco with software V600R008C00 and V600R008C10 has a command injection vulnerability. An authenticated, remote attacker could exploit this vulnerability to send malicious packets to a target device. Successful exploit could enable a low privileged user to execute commands that a high privileged user could execute, causing the files to be tampered with or deleted.
CVE-2016-8759 1 Huawei 6 Honor 6, Honor 6 Firmware, P9 and 3 more 2025-04-20 9.3 HIGH 7.8 HIGH
Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege.
CVE-2016-8769 1 Huawei 1 Utps Firmware 2025-04-20 7.2 HIGH 6.7 MEDIUM
Huawei UTPS earlier than UTPS-V200R003B015D16SPC00C983 has an unquoted service path vulnerability which can lead to the truncation of UTPS service query paths. An attacker may put an executable file in the search path of the affected service and obtain elevated privileges after the executable file is executed.
CVE-2017-2733 1 Huawei 2 Honor 6x, Honor 6x Firmware 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerability due to improper file permission configuration. An attacker tricks a user into installing a malicious application on the smart phone, and the application can get the file that keep the cipher text of the SIM card PIN.
CVE-2016-8274 1 Huawei 1 Hisuite 2025-04-20 7.2 HIGH 7.8 HIGH
Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack vulnerability; an attacker can make the system load malicious DLL files to execute arbitrary code.
CVE-2016-8775 1 Huawei 8 Nem-al10, Nem-al10 Firmware, Nem-l21 and 5 more 2025-04-20 7.2 HIGH 6.7 MEDIUM
Touch Panel (TP) driver in Huawei NEM phones with software Versions before NEM-AL10C00B130, Versions before NEM-UL10C17B160, Versions before NEM-UL10C00B160, Versions before NEM-TL00C01B160 allows attackers to get root privilege or crash the system or execute arbitrary code, related to a buffer overflow.
CVE-2017-8190 1 Huawei 1 Fusionsphere Openstack 2025-04-20 4.6 MEDIUM 6.7 MEDIUM
FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high privilege may exploit this vulnerability to inject malicious software.
CVE-2016-6206 1 Huawei 2 Ar3200, Ar3200 Firmware 2025-04-20 10.0 HIGH 9.8 CRITICAL
Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet.
CVE-2016-8761 1 Huawei 6 Honor 6, Honor 6 Firmware, P9 and 3 more 2025-04-20 9.3 HIGH 7.8 HIGH
Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege.
CVE-2017-2728 1 Huawei 2 Honor 6x, Honor 6x Firmware 2025-04-20 6.9 MEDIUM 6.4 MEDIUM
Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.uawei mobile phones have a Bluetooth unlock bypassing vulnerability due to the lack of validation on Bluetooth devices. If a user has enabled the smart unlock function, an attacker can impersonate the user's Bluetooth device to unlock the user's mobile phone screen.
CVE-2017-2706 1 Huawei 2 Mate 9, Mate 9 Firmware 2025-04-20 5.8 MEDIUM 7.1 HIGH
Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file name during decompression, system directories are traversed. It could be exploited to cause the attacker to replace files and impact the service.