Filtered by vendor Huawei Subscriptions
Total 1926 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-9142 1 Huawei 2 Emui, Magic Ui 2024-11-21 9.1 Critical
There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file.
CVE-2020-9141 1 Huawei 2 Emui, Magic Ui 2024-11-21 9.1 Critical
There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity.
CVE-2020-9140 1 Huawei 2 Emui, Magic Ui 2024-11-21 9.8 Critical
There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Unauthorized users may trigger code execution when a buffer overflow occurs.
CVE-2020-9139 1 Huawei 2 Emui, Magic Ui 2024-11-21 9.1 Critical
There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service.
CVE-2020-9138 1 Huawei 2 Emui, Magic Ui 2024-11-21 5.3 Medium
There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of this vulnerability can cause process exceptions during updating.
CVE-2020-9137 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-11-21 6.7 Medium
There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation.
CVE-2020-9129 1 Huawei 2 Mate 30, Mate 30 Firmware 2024-11-21 6.7 Medium
HUAWEI Mate 30 versions earlier than 10.1.0.159(C00E159R7P2) have a vulnerability of improper buffer operation. Due to improper restrictions, local attackers with high privileges can exploit the vulnerability to cause system heap overflow.
CVE-2020-9128 1 Huawei 1 Fusioncompute 2024-11-21 4.4 Medium
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause information leak.
CVE-2020-9127 1 Huawei 12 Nip6300, Nip6300 Firmware, Nip6600 and 9 more 2024-11-21 6.7 Medium
Some Huawei products have a command injection vulnerability. Due to insufficient input validation, an attacker with high privilege may inject some malicious codes in some files of the affected products. Successful exploit may cause command injection.Affected product versions include:NIP6300 versions V500R001C30,V500R001C60;NIP6600 versions V500R001C30,V500R001C60;Secospace USG6300 versions V500R001C30,V500R001C60;Secospace USG6500 versions V500R001C30,V500R001C60;Secospace USG6600 versions V500R001C30,V500R001C60;USG9500 versions V500R001C30,V500R001C60.
CVE-2020-9125 1 Huawei 2 Mate 30, Mate 30 Firmware 2024-11-21 6.7 Medium
There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2). An attacker with specific permission can exploit this vulnerability by sending crafted packet with specific parameter to the target device. Due to insufficient validation of the parameter, successful exploit can cause the device to behave abnormally.
CVE-2020-9124 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more 2024-11-21 7.5 High
There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.
CVE-2020-9123 1 Huawei 2 P30 Pro, P30 Pro Firmware 2024-11-21 7.8 High
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.
CVE-2020-9122 1 Huawei 14 Hirouter-cd30-10, Hirouter-cd30-10 Firmware, Hirouter-ct31-10 and 11 more 2024-11-21 6.5 Medium
Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit this vulnerability in the LAN to cause service abnormal on affected devices.Affected product versions include:HiRouter-CD30-10 version 10.0.2.5;HiRouter-CT31-10 version 10.0.2.20;WS5200-12 version 10.0.1.9;WS5281-10 version 10.0.5.10;WS5800-10 version 10.0.3.25;WS7100-10 version 10.0.5.21;WS7200-10 version 10.0.5.21.
CVE-2020-9120 1 Huawei 1 Cloudengine 1800v 2024-11-21 7.5 High
CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability. Remote unauthorized attackers could send specific types of messages to the device, resulting in the message received by the system can't be forwarded normally.
CVE-2020-9119 1 Huawei 10 Mate 10, Mate 10 Firmware, Mate 30 and 7 more 2024-11-21 6.2 Medium
There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion.
CVE-2020-9118 1 Huawei 2 Ais-bw80h-00, Ais-bw80h-00 Firmware 2024-11-21 6.8 Medium
There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attacker to load a crafted software package to the device. Affected product versions include:AIS-BW80H-00 versions 9.0.3.1(H100SP13C00),9.0.3.1(H100SP18C00),9.0.3.1(H100SP3C00),9.0.3.1(H100SP9C00),9.0.3.2(H100SP1C00),9.0.3.2(H100SP2C00),9.0.3.2(H100SP5C00),9.0.3.2(H100SP8C00),9.0.3.3(H100SP1C00).
CVE-2020-9117 1 Huawei 4 Nova 4, Nova 4 Firmware, Sydneym-al00 and 1 more 2024-11-21 7.8 High
HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. An attacker with specific permissions crafts malformed packet with specific parameter and sends the packet to the affected products. Due to insufficient validation of packet, which may be exploited to cause the information leakage or arbitrary code execution.
CVE-2020-9116 1 Huawei 1 Fusioncompute 2024-11-21 7.2 High
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege.
CVE-2020-9115 1 Huawei 1 Manageone 2024-11-21 7.2 High
ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the plug-in component. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device.
CVE-2020-9114 1 Huawei 1 Fusioncompute 2024-11-21 7.8 High
FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause privilege escalation.