Filtered by vendor Huawei
Subscriptions
Total
1926 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-5301 | 1 Huawei | 2 Honor V20, Honor V20 Firmware | 2024-11-21 | N/A |
| Huawei smart phones Honor V20 with the versions before 9.0.1.161(C00E161R2P2) have an information leak vulnerability. An attacker may trick a user into installing a malicious application. Due to coding error during layer information processing, attackers can exploit this vulnerability to obtain some layer information. | ||||
| CVE-2019-5300 | 1 Huawei | 53 Ar1200-s Firmware, Ar1200 Firmware, Ar1200e and 50 more | 2024-11-21 | N/A |
| There is a digital signature verification bypass vulnerability in AR1200, AR1200-S, AR150, AR160, AR200, AR2200, AR2200-S, AR3200, SRG1300, SRG2300 and SRG3300 Huawei routers. The vulnerability is due to the affected software improperly verifying digital signatures for the software image in the affected device. A local attacker with high privilege may exploit the vulnerability to bypass integrity checks for software images and install a malicious software image on the affected device. | ||||
| CVE-2019-5299 | 1 Huawei | 2 Hima-al00b, Hima-al00b Firmware | 2024-11-21 | N/A |
| Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL00C00B175 have a signature verification bypass vulnerability. Attackers can induce users to install malicious applications. Due to a defect in the signature verification logic, the malicious applications can invoke specific interface to execute malicious code. A successful exploit may result in the execution of arbitrary code. | ||||
| CVE-2019-5298 | 1 Huawei | 2 Ap4050dn-e, Ap4050dn-e Firmware | 2024-11-21 | N/A |
| There is an improper authentication vulnerability in some Huawei AP products before version V200R009C00SPC800. Due to the improper implementation of authentication for the serial port, an attacker could exploit this vulnerability by connecting to the affected products and running a series of commands. | ||||
| CVE-2019-5297 | 1 Huawei | 2 Emily-l29c, Emily-l29c Firmware | 2024-11-21 | N/A |
| Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T8) have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during the reset process, the attacker can perform some special operations to bypass the FRP function and obtain the right to use the mobile phone. | ||||
| CVE-2019-5296 | 1 Huawei | 2 Mate20, Mate20 Firmware | 2024-11-21 | N/A |
| Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have an out-of-bounds read vulnerability. An attacker with a high permission runs some specific commands on the smartphone. Due to insufficient input verification, successful exploit may cause out-of-bounds read of the memory and the system abnormal. | ||||
| CVE-2019-5295 | 1 Huawei | 2 Honor View 10, Honor View 10 Firmware | 2024-11-21 | N/A |
| Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0.125(C00E125R2P14T8) have an authorization bypass vulnerability. Due to improper authorization implementation logic, attackers can bypass certain authorization scopes of smart phones by performing specific operations. This vulnerability can be exploited to perform operations beyond the scope of authorization. | ||||
| CVE-2019-5294 | 1 Huawei | 32 Ar120-s, Ar120-s Firmware, Ar1200 and 29 more | 2024-11-21 | 7.5 High |
| There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal. | ||||
| CVE-2019-5293 | 1 Huawei | 32 Ar120-s, Ar120-s Firmware, Ar1200 and 29 more | 2024-11-21 | 6.5 Medium |
| Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service to be abnormal. | ||||
| CVE-2019-5292 | 1 Huawei | 6 Honor 10 Lite, Honor 10 Lite Firmware, Honor 8a and 3 more | 2024-11-21 | 3.3 Low |
| Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information. | ||||
| CVE-2019-5291 | 1 Huawei | 36 Ar120-s, Ar120-s Firmware, Ar1200 and 33 more | 2024-11-21 | 5.9 Medium |
| Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. | ||||
| CVE-2019-5290 | 1 Huawei | 4 S5700, S5700 Firmware, S6700 and 1 more | 2024-11-21 | 6.5 Medium |
| Huawei S5700 and S6700 have a DoS security vulnerability. Attackers with certain permissions perform specific operations on affected devices. Because the pointer in the program is not processed properly, the vulnerability can be exploited to cause the device to be abnormal. | ||||
| CVE-2019-5289 | 1 Huawei | 1 Manageone | 2024-11-21 | 7.5 High |
| Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit of this vulnerability could allow the attacker to crash the database on the standby node. | ||||
| CVE-2019-5288 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 7.8 High |
| P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters to the camera program to exploit this vulnerability. Successful exploit could cause the program to break down or allow for arbitrary code execution. | ||||
| CVE-2019-5287 | 1 Huawei | 2 P30, P30 Firmware | 2024-11-21 | 7.8 High |
| P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E190R2P1) have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters to the camera program to exploit this vulnerability. Successful exploit could cause the program to break down or allow for arbitrary code execution. | ||||
| CVE-2019-5286 | 1 Huawei | 1 Hedex Lite | 2024-11-21 | N/A |
| There is a reflection XSS vulnerability in the HedEx products. Remote attackers send malicious links to users and trick users to click. Successfully exploit cloud allow the attacker to initiate XSS attacks. Affects HedEx Lite versions earlier than V200R006C00SPC007. | ||||
| CVE-2019-5285 | 1 Huawei | 28 S12700, S12700 Firmware, S1700 and 25 more | 2024-11-21 | N/A |
| Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109) | ||||
| CVE-2019-5284 | 1 Huawei | 2 Leland-al00a, Leland-al00a Firmware | 2024-11-21 | 6.5 Medium |
| There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei smart phones versions earlier than Leland-AL00A 9.1.0.111(C00E111R2P10T8). Remote attackers could trick the user into opening a malformed RTSP media stream to exploit this vulnerability. Successful exploit could cause the affected phone abnormal, leading to a DoS condition. (Vulnerability ID: HWPSIRT-2019-02004) | ||||
| CVE-2019-5283 | 1 Huawei | 2 P20, P20 Firmware | 2024-11-21 | N/A |
| There is Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions earlier than Emily-AL00A 9.0.0.167 (C00E81R1P21T8). When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Talkback mode and can perform some operations to access the setting page. As a result, the FRP function is bypassed. | ||||
| CVE-2019-5282 | 1 Huawei | 14 Emily-al00a, Emily-al00a Firmware, Emily-l09c and 11 more | 2024-11-21 | 7.8 High |
| Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182(C00E82R1P21), Versions earlier than Emily-TL00B 9.0.0.182(C01E82R1P21), Versions earlier than Emily-L09C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.203(C432E7R1P11), Versions earlier than Emily-L29C 9.0.0.202(C185E2R1P12) have a double free vulnerability. An attacker tricks the user into installing a malicious application, which frees on the same memory address twice. Successful exploit could result in malicious code execution. | ||||