Vulnerabilities (CVE)

Filtered by vendor Huawei Subscribe
Total 2136 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-46318 1 Huawei 2 Emui, Harmonyos 2025-04-16 N/A 5.3 MEDIUM
The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings.
CVE-2022-46317 1 Huawei 2 Emui, Harmonyos 2025-04-16 N/A 7.5 HIGH
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-41599 1 Huawei 2 Emui, Harmonyos 2025-04-16 N/A 7.5 HIGH
The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-41596 1 Huawei 2 Emui, Harmonyos 2025-04-16 N/A 7.5 HIGH
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components.
CVE-2022-41591 1 Huawei 2 Emui, Harmonyos 2025-04-16 N/A 7.5 HIGH
The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.
CVE-2022-41590 1 Huawei 1 Harmonyos 2025-04-16 N/A 5.5 MEDIUM
Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.
CVE-2015-8228 1 Huawei 10 Ar120, Ar1200, Ar150 and 7 more 2025-04-12 4.0 MEDIUM N/A
Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to access arbitrary directories via unspecified vectors.
CVE-2016-6669 1 Huawei 8 Usg2100, Usg2100 Firmware, Usg2200 and 5 more 2025-04-12 7.1 HIGH 7.5 HIGH
Buffer overflow in the Authentication, Authorization and Accounting (AAA) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet.
CVE-2016-8278 1 Huawei 3 Usg9520, Usg9560, Usg9580 2025-04-12 7.8 HIGH 7.5 HIGH
Huawei USG9520, USG9560, and USG9580 unified security gateways with software before V300R001C01SPCa00 allow remote attackers to cause a denial of service (device restart) via an unspecified URL.
CVE-2015-7845 1 Huawei 7 Espace Firmware, Espace Unified Gateway U1910, Espace Unified Gateway U1911 and 4 more 2025-04-12 5.0 MEDIUM N/A
The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH packets.
CVE-2016-5234 1 Huawei 6 Rse6500, Rse6500 Firmware, Vp9600 Series Firmware and 3 more 2025-04-12 9.3 HIGH 8.1 HIGH
Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint control unit devices with software before V500R002C00SPC200 and RSE6500 videoconference devices with software before V500R002C00SPC100, when an unspecified service is enabled, allows remote attackers to execute arbitrary code via a crafted packet, aka HWPSIRT-2016-05054.
CVE-2015-8319 1 Huawei 4 Mate S, Mate S Firmware, P8 and 1 more 2025-04-12 9.3 HIGH 7.8 HIGH
Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8318.
CVE-2016-5850 1 Huawei 1 Public Cloud Solution 2025-04-12 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in the volume backup service module in Huawei Public Cloud Solution before 1.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-7254 1 Huawei 3 Hg532e, Hg532n, Hg532s 2025-04-12 5.0 MEDIUM N/A
Directory traversal vulnerability on Huawei HG532e, HG532n, and HG532s devices allows remote attackers to read arbitrary files via a .. (dot dot) in an icon/ URI.
CVE-2016-4575 1 Huawei 8 Ath, Ath Firmware, Cherryplus and 5 more 2025-04-12 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in the email APP in Huawei PLK smartphones with software AL10C00 before AL10C00B211 and AL10C92 before AL10C92B211; ATH smartphones with software AL00C00 before AL00C00B361, CL00C92 before CL00C92B361, TL00HC01 before TL00HC01B361, and UL00C00 before UL00C00B361; CherryPlus smartphones with software TL00C00 before TL00C00B553, UL00C00 before UL00C00B553, and TL00MC01 before TL00MC01B553; and RIO smartphones with software AL00C00 before AL00C00B360 allows remote attackers to inject arbitrary web script or HTML via an email message.
CVE-2015-8085 1 Huawei 14 Ar, Ar Firmware, Quidway S5300 and 11 more 2025-04-12 4.0 MEDIUM 4.9 MEDIUM
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before V200R009C00; S12700 routers with software before V200R008C00SPC500; S9300, Quidway S5300, and S5300 routers with software before V200R007C00; and S5700 routers with software before V200R007C00SPC500 make it easier for remote authenticated administrators to obtain and decrypt passwords by leveraging selection of a reversible encryption algorithm.
CVE-2015-3911 1 Huawei 2 E587 Mobile Wifi, E587 Mobile Wifi Firmware 2025-04-12 9.0 HIGH N/A
Huawei E587 Mobile WiFi with firmware before 11.203.30.00.00 allows remote attackers to bypass authentication, change configurations, send messages, and cause a denial of service (device restart) via unspecified vectors.
CVE-2015-8337 1 Huawei 4 Mate 7, Mate 7 Firmware, P8 and 1 more 2025-04-12 7.1 HIGH 5.5 MEDIUM
The HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, GRA-UL10 before GRA-UL10C00B220 and Mate7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 allows remote attackers to cause a denial of service (invalid memory access and reboot) via unspecified vectors related to "input null pointer as parameter."
CVE-2016-7108 1 Huawei 1 Uma 2025-04-12 4.0 MEDIUM 6.5 MEDIUM
Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote authenticated users to obtain the MD5 hashes of arbitrary user passwords via unspecified vectors.
CVE-2016-1496 1 Huawei 2 P8, P8 Firmware 2025-04-12 7.1 HIGH 5.5 MEDIUM
The graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 allows attackers to cause a denial of service (system crash) via a crafted application, aka a "semaphore deadlock issue."