| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to capture and change patch loading information resulting in the deletion of directory files and compromise of system functions when loading a patch. |
| Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal. |
| Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and ACU2 access controllers allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet. |
| cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic. |
| Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI. |
| Vulnerability of improper device information processing in the device management module
Impact: Successful exploitation of this vulnerability may affect availability. |
| Information management vulnerability in the Gallery module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Permission control vulnerability in the Wi-Fi module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Permission control vulnerability in the hidebug module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Permission control vulnerability in the Gallery app
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Vulnerability of improper log printing in the Super Home Screen module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Data verification vulnerability in the battery module
Impact: Successful exploitation of this vulnerability may affect function stability. |
| LaunchAnywhere vulnerability in the account module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Vulnerability of input parameters not being verified in the HDC module
Impact: Successful exploitation of this vulnerability may affect availability. |
| Input parameter verification vulnerability in the background service module
Impact: Successful exploitation of this vulnerability may affect availability. |
| Vulnerability of pop-up windows belonging to no app in the VPN module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Race condition vulnerability in the kernel network module
Impact:Successful exploitation of this vulnerability may affect availability. |
| Vulnerability of parameter type not being verified in the WantAgent module
Impact: Successful exploitation of this vulnerability may affect availability. |
| Vulnerability of parameter type not being verified in the WantAgent module
Impact: Successful exploitation of this vulnerability may affect availability. |
| Out-of-bounds access vulnerability in the logo module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
