Filtered by vendor Huawei
Subscribe
Total
1867 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-44098 | 1 Huawei | 2 Emui, Harmonyos | 2023-11-14 | N/A | 7.5 HIGH |
| Vulnerability of missing encryption in the card management module. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-46771 | 1 Huawei | 2 Emui, Harmonyos | 2023-11-14 | N/A | 7.5 HIGH |
| Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2022-48613 | 1 Huawei | 2 Emui, Harmonyos | 2023-11-14 | N/A | 5.9 MEDIUM |
| Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed. | |||||
| CVE-2023-46755 | 1 Huawei | 2 Emui, Harmonyos | 2023-11-14 | N/A | 5.3 MEDIUM |
| Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart. | |||||
| CVE-2023-46762 | 1 Huawei | 2 Emui, Harmonyos | 2023-11-14 | N/A | 7.5 HIGH |
| Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions. | |||||
| CVE-2023-46760 | 1 Huawei | 2 Emui, Harmonyos | 2023-11-14 | N/A | 7.5 HIGH |
| Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions. | |||||
| CVE-2023-46761 | 1 Huawei | 2 Emui, Harmonyos | 2023-11-14 | N/A | 7.5 HIGH |
| Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions. | |||||
| CVE-2022-46315 | 1 Huawei | 1 Harmonyos | 2023-11-07 | N/A | 7.5 HIGH |
| The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-44556 | 1 Huawei | 2 Emui, Harmonyos | 2023-11-07 | N/A | 7.5 HIGH |
| Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46856 | 1 Huawei | 2 Emui, Harmonyos | 2023-11-07 | N/A | 7.5 HIGH |
| The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-33646 | 3 Fedoraproject, Feep, Huawei | 3 Fedora, Libtar, Openeuler | 2023-11-07 | N/A | 7.5 HIGH |
| The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak. | |||||
| CVE-2021-33645 | 3 Fedoraproject, Feep, Huawei | 3 Fedora, Libtar, Openeuler | 2023-11-07 | N/A | 7.5 HIGH |
| The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak. | |||||
| CVE-2021-33644 | 3 Fedoraproject, Feep, Huawei | 3 Fedora, Libtar, Openeuler | 2023-11-07 | N/A | 8.1 HIGH |
| An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read. | |||||
| CVE-2021-33643 | 3 Fedoraproject, Feep, Huawei | 3 Fedora, Libtar, Openeuler | 2023-11-07 | N/A | 9.1 CRITICAL |
| An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read. | |||||
| CVE-2021-33640 | 2 Fedoraproject, Huawei | 2 Fedora, Openeuler | 2023-11-07 | N/A | 9.8 CRITICAL |
| After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free). | |||||
| CVE-2020-8840 | 5 Debian, Fasterxml, Huawei and 2 more | 9 Debian Linux, Jackson-databind, Oceanstor 9000 and 6 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. | |||||
| CVE-2018-7935 | 1 Huawei | 2 E5573cs-322, E5573cs-322 Firmware | 2023-11-07 | N/A | 5.3 MEDIUM |
| There is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable. | |||||
| CVE-2017-8176 | 1 Huawei | 2 Iptv Stb, Iptv Stb Firmware | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view channels by free. | |||||
| CVE-2017-15328 | 1 Huawei | 2 Hg8245h, Hg8245h Firmware | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Huawei HG8245H version earlier than V300R018C00SPC110 has an authentication bypass vulnerability. An attacker can access a specific URL of the affect product. Due to improper verification of the privilege, successful exploitation may cause information leak. | |||||
| CVE-2017-14491 | 13 Arista, Arubanetworks, Canonical and 10 more | 29 Eos, Arubaos, Ubuntu Linux and 26 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | |||||