Search Results (2362 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-8793 1 Huawei 6 Mate 8, Mate 8 Firmware, Mate S and 3 more 2025-04-20 N/A
Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT-CL00C92B386, Versions before NXT-DL00C17B386, Versions before NXT-TL00C01B386; Mate S phones with software Versions before CRR-CL00C92B368, Versions before CRR-CL20C92B368, Versions before CRR-TL00C01B368, Versions before CRR-UL00C00B368, Versions before CRR-UL20C00B368; and P8 phones with software Versions before GRA-TL00C01B366, Versions before GRA-CL00C92B366, Versions before GRA-CL10C92B366, Versions before GRA-UL00C00B366, Versions before GRA-UL10C00B366 allow attackers with graphic or Camera privilege to crash the system or escalate privilege.
CVE-2017-8145 1 Huawei 4 P10, P10 Firmware, P10 Plus and 1 more 2025-04-20 N/A
The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL00C00B167, versions before VKY-TL00C01B167 has a DoS vulnerability. An attacker may trick a user into installing a malicious application, and the application can send given parameter to call module to crash the call and data communication process.
CVE-2017-8142 1 Huawei 4 Mate 9, Mate 9 Firmware, Mate 9 Pro and 1 more 2025-04-20 N/A
The Trusted Execution Environment (TEE) module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use after free (UAF) vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to create and free specific memory, which could triggers access memory after free it and causes a system crash or arbitrary code execution.
CVE-2016-8780 1 Huawei 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 6800 and 5 more 2025-04-20 N/A
Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition.
CVE-2016-8779 1 Huawei 1 Fusionaccess 2025-04-20 N/A
Huawei FusionAccess with software V100R005C10 and V100R005C20 could allow remote attackers with specific permission to inject a Lightweight Directory Access Protocol (LDAP) operation command into a specific input variable to obtain sensitive information from the database.
CVE-2017-8140 1 Huawei 2 P9 Plus, P9 Plus Firmware 2025-04-20 N/A
The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to free specific memory, which could triggers double free and causes a system crash or arbitrary code execution.
CVE-2016-8763 1 Huawei 6 P8 Lite, P8 Lite Firmware, P9 and 3 more 2025-04-20 N/A
The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation.
CVE-2016-8760 1 Huawei 6 Honor 6, Honor 6 Firmware, P9 and 3 more 2025-04-20 N/A
Touchscreen driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a heap overflow vulnerability, which allows attackers to crash the system or escalate user privilege.
CVE-2017-8135 1 Huawei 1 Fusionsphere Openstack 2025-04-20 N/A
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands.
CVE-2017-2695 1 Huawei 2 Tit-al00, Tit-al00 Firmware 2025-04-20 N/A
TIT-AL00C583B211 has a directory traversal vulnerability which allows an attacker to obtain the files in email application.
CVE-2017-8127 1 Huawei 1 Uma 2025-04-20 N/A
The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft malicious links or scripts to launch XSS attacks.
CVE-2017-2711 1 Huawei 2 P9 Plus, P9 Plus Firmware 2025-04-20 N/A
P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions have an input validation vulnerability in the touchscreen Driver. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system.
CVE-2017-8124 1 Huawei 1 Uma 2025-04-20 N/A
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.
CVE-2017-8206 1 Huawei 2 Honor 7 Lite, Honor 7 Lite Firmware 2025-04-20 N/A
HONOR 7 Lite mobile phones with software of versions earlier than NEM-L21C432B352 have an App Lock bypass vulnerability. An attacker could perform specific operations to bypass the App Lock to use apps on a target mobile phone temporarily.
CVE-2017-8123 1 Huawei 1 Uma 2025-04-20 N/A
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.
CVE-2017-2738 1 Huawei 2 Vcm5010, Vcm5010 Firmware 2025-04-20 N/A
VCM5010 with software versions earlier before V100R002C50SPC100 has an authentication bypass vulnerability. This is due to improper implementation of authentication for accessing web pages. An unauthenticated attacker could bypass the authentication by sending a crafted HTTP request. 5010 with software versions earlier before V100R002C50SPC100 has an arbitrary file upload vulnerability. The software does not validate the files that uploaded. An authenticated attacker could upload arbitrary files to the system.
CVE-2017-8203 1 Huawei 4 Nova 2, Nova 2 Firmware, Nova 2 Plus and 1 more 2025-04-20 N/A
The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. An attacker can convince a user to install a malicious application which has a high privilege to exploit this vulnerability, Successful exploitation may cause arbitrary code execution.
CVE-2017-8122 1 Huawei 1 Uma 2025-04-20 N/A
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges.
CVE-2017-8210 1 Huawei 4 Honor 5c, Honor 5c Firmware, Honor 6x and 1 more 2025-04-20 N/A
The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege of the Android system, the APP can send a specific parameter to the driver of the smart phone, causing a system reboot or arbitrary code execution.
CVE-2017-2709 1 Huawei 2 Higame, Skytone 2025-04-20 N/A
HiGame with software earlier than 7.3.0 versions, SkyTone with software earlier than 8.1.1 versions have a DoS Vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, the attacker can send malformed packets to the device. Due to the lack of adequate input validation of APPs, which causes the APPs Denial of Service.