Filtered by vendor Huawei
Subscriptions
Total
1926 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-4087 | 1 Huawei | 4 S12700, S12700 Firmware, S5700 and 1 more | 2024-11-21 | N/A |
Huawei S12700 switches with software before V200R008C00SPC500 and S5700 switches with software before V200R005SPH010, when the debug switch is enabled, allows remote attackers to cause a denial of service or execute arbitrary code via crafted DNS packets. | ||||
CVE-2016-4086 | 1 Huawei | 1 Hisuite | 2024-11-21 | N/A |
Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors. | ||||
CVE-2016-4058 | 1 Huawei | 1 Policy Center | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in Huawei Policy Center before V100R003C10SPC020 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to "special characters on pages." | ||||
CVE-2016-4057 | 1 Huawei | 1 Fusioncompute | 2024-11-21 | N/A |
Huawei FusionCompute before V100R005C10SPC700 allows remote authenticated users to cause a denial of service (resource consumption) via a large number of crafted packets. | ||||
CVE-2016-4005 | 1 Huawei | 1 Hilink App | 2024-11-21 | N/A |
The Huawei Hilink App application before 3.19.2 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008. | ||||
CVE-2016-3950 | 1 Huawei | 2 Ar3200, Ar3200 Firmware | 2024-11-21 | N/A |
Huawei AR3200 routers with software before V200R006C10SPC300 allow remote authenticated users to cause a denial of service (restart) via crafted packets. | ||||
CVE-2016-3681 | 1 Huawei | 2 Mate 8, Mate 8 Firmware | 2024-11-21 | N/A |
Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted application, aka HWPSIRT-2016-03021. | ||||
CVE-2016-3680 | 1 Huawei | 2 Mate 8, Mate 8 Firmware | 2024-11-21 | N/A |
Buffer overflow in the Wi-Fi driver in Huawei Mate 8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to cause a denial of service (crash) or possibly gain privileges via a crafted application, aka HWPSIRT-2016-03020. | ||||
CVE-2016-3678 | 1 Huawei | 10 S5300, S5300 Firmware, S5700 and 7 more | 2024-11-21 | N/A |
Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic. | ||||
CVE-2016-3677 | 1 Huawei | 2 Hilink App, Wear App | 2024-11-21 | N/A |
The Huawei Wear App application before 15.0.0.307 for Android does not validate SSL certificates, which allows local users to have unspecified impact via unknown vectors, aka HWPSIRT-2016-03008. | ||||
CVE-2016-3676 | 1 Huawei | 2 E3276s, E3276s Firmware | 2024-11-21 | N/A |
Huawei E3276s USB modems with software before E3276s-150TCPU-V200R002B436D09SP00C00 allow man-in-the-middle attackers to intercept, spoof, or modify network traffic via unspecified vectors related to a fake network. | ||||
CVE-2016-3675 | 1 Huawei | 2 Policy Center, Policy Center Firmware | 2024-11-21 | 8.1 High |
SQL injection vulnerability in Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to system databases. | ||||
CVE-2016-2855 | 1 Huawei | 1 Mobile Broadband Hl Service | 2024-11-21 | N/A |
The Huawei Mobile Broadband HL Service 22.001.25.00.03 and earlier uses a weak ACL for the MobileBrServ program data directory, which allows local users to gain SYSTEM privileges by modifying VERSION.dll. | ||||
CVE-2016-2780 | 1 Huawei | 1 Utps Firmware | 2024-11-21 | N/A |
Untrusted search path vulnerability in Huawei UTPS before UTPS-V200R003B015D15SP00C983 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in an unspecified directory. | ||||
CVE-2016-2406 | 1 Huawei | 1 Document Security Management | 2024-11-21 | N/A |
The permission control module in Huawei Document Security Management (aka DSM) before V100R002C05SPC670 allows remote authenticated users to obtain sensitive information from encrypted documents by leveraging incorrect control of permissions on the PrintScreen button. | ||||
CVE-2016-2405 | 1 Huawei | 2 Policy Center, Policy Center Firmware | 2024-11-21 | N/A |
Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to gain privileges and cause a denial of service (system crash) via a crafted URL. | ||||
CVE-2016-2404 | 1 Huawei | 12 Acu2, Acu2 Firmware, S12700 and 9 more | 2024-11-21 | N/A |
Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation. | ||||
CVE-2016-2314 | 1 Huawei | 2 Mt882, Mt882 Firmware | 2024-11-21 | N/A |
GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to create a directory with a long name, and then using certain other commands. | ||||
CVE-2016-2231 | 1 Huawei | 2 Mt882, Mt882 Firmware | 2024-11-21 | N/A |
The Windows-based Host Interface Program (WHIP) service on Huawei SmartAX MT882 devices V200R002B022 Arg relies on the client to send a length field that is consistent with a buffer size, which allows remote attackers to cause a denial of service (device outage) or possibly have unspecified other impact via crafted traffic on TCP port 8701. | ||||
CVE-2016-2214 | 1 Huawei | 1 Agile Controller-campus | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in an unspecified portal authentication page in Huawei Agile Controller-Campus with software before V100R001C00SPC319 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. |