CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Huawei : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-34737 276 2022-07-12 2022-07-19
6.4
None Remote Low Not required Partial Partial None
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
2 CVE-2022-31760 2022-06-13 2022-06-27
6.4
None Remote Low Not required Partial Partial None
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
3 CVE-2022-22260 416 2022-05-13 2022-05-23
6.4
None Remote Low Not required None Partial Partial
The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability.
4 CVE-2021-46742 2022-04-11 2022-07-12
6.4
None Remote Low Not required None Partial Partial
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.
5 CVE-2021-40053 276 2022-03-10 2022-10-27
6.4
None Remote Low Not required None Partial Partial
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.
6 CVE-2021-39982 269 2022-01-03 2022-01-13
6.4
None Remote Low Not required Partial Partial None
Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.
7 CVE-2021-37134 362 2022-01-03 2022-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components.
8 CVE-2021-37131 1236 2021-10-27 2021-10-29
6.0
None Remote Medium ??? Partial Partial Partial
There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco 6000. An attacker with high privilege may exploit this vulnerability through some operations to inject the CSV files. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject CSV files to the target device.
9 CVE-2021-37116 20 2022-01-03 2022-01-11
6.4
None Remote Low Not required Partial None Partial
PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed.
10 CVE-2021-37099 22 Dir. Trav. 2021-12-07 2021-12-09
6.4
None Remote Low Not required None Partial Partial
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file.
11 CVE-2021-37088 22 Dir. Trav. 2021-12-07 2021-12-09
6.4
None Remote Low Not required Partial Partial None
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can write any content to any file.
12 CVE-2021-37087 22 Dir. Trav. 2021-12-07 2021-12-09
6.4
None Remote Low Not required Partial Partial None
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can create arbitrary file.
13 CVE-2021-37079 20 2021-12-07 2021-12-09
6.4
None Remote Low Not required None Partial Partial
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by system_app permission.
14 CVE-2021-37065 190 Overflow 2021-12-07 2021-12-09
6.4
None Remote Low Not required Partial None Partial
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Confidentiality or Availability impacted.
15 CVE-2021-37064 22 Dir. Trav. 2021-12-07 2021-12-09
6.4
None Remote Low Not required Partial Partial None
There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to arbitrary file created.
16 CVE-2021-37062 129 Overflow +Info 2021-12-07 2021-12-09
6.4
None Remote Low Not required Partial None Partial
There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory overflow and information leakage.
17 CVE-2021-37051 125 2021-12-08 2021-12-09
6.4
None Remote Low Not required Partial None Partial
There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
18 CVE-2021-37042 20 2021-12-07 2021-12-07
6.4
None Remote Low Not required Partial None Partial
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read.
19 CVE-2021-37041 20 2021-12-07 2021-12-07
6.4
None Remote Low Not required Partial None Partial
There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read.
20 CVE-2021-37040 88 2021-12-08 2022-07-12
6.8
None Remote Medium Not required Partial Partial Partial
There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.
21 CVE-2021-37023 22 Dir. Trav. 2021-11-23 2022-05-03
6.4
None Remote Low Not required Partial Partial None
There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause media files which can be reads and writes in non-distributed directories on any device on the network..
22 CVE-2021-37021 20 Overflow 2021-12-07 2021-12-09
6.4
None Remote Low Not required Partial None Partial
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.
23 CVE-2021-37020 20 Overflow 2021-12-07 2021-12-09
6.4
None Remote Low Not required Partial None Partial
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.
24 CVE-2021-36999 120 Exec Code Overflow 2021-10-28 2021-11-01
6.8
None Remote Medium Not required Partial Partial Partial
There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution.
25 CVE-2021-22448 2022-02-25 2022-07-12
6.4
None Remote Low Not required Partial Partial None
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.
26 CVE-2021-22437 190 Overflow 2022-02-25 2022-03-07
6.9
None Local Medium Not required Complete Complete Complete
There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access.
27 CVE-2021-22436 Bypass 2021-10-28 2021-11-02
6.4
None Remote Low Not required None Partial Partial
There is a Logic Bypass vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability.
28 CVE-2021-22435 2021-08-02 2021-12-09
6.4
None Remote Low Not required None Partial Partial
There is a Configuration Defect Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service integrity and availability.
29 CVE-2021-22428 362 Bypass 2021-08-02 2021-12-09
6.8
None Remote Medium Not required Partial Partial Partial
There is an Incomplete Cleanup Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass.
30 CVE-2021-22427 362 Overflow Bypass 2021-08-02 2021-12-09
6.8
None Remote Medium Not required Partial Partial Partial
There is a Heap-based Buffer Overflow Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass.
31 CVE-2021-22394 120 Overflow 2022-02-25 2022-03-07
6.4
None Remote Low Not required Partial None Partial
There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration.
32 CVE-2021-22386 415 2021-08-10 2021-12-09
6.9
None Local Medium Not required Complete Complete Complete
A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges.
33 CVE-2021-22384 362 Bypass 2021-08-02 2021-12-09
6.8
None Remote Medium Not required Partial Partial Partial
There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to authentication bypass.
34 CVE-2021-22380 319 2021-06-30 2021-07-06
6.4
None Remote Low Not required Partial None Partial
There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality and availability.
35 CVE-2021-22373 2021-06-30 2021-07-06
6.4
None Remote Low Not required None Partial Partial
There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability.
36 CVE-2021-22354 125 2021-06-30 2021-07-02
6.4
None Remote Low Not required Partial None Partial
There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds read.
37 CVE-2021-22352 Exec Code 2021-06-30 2021-07-06
6.8
None Remote Medium Not required Partial Partial Partial
There is a Configuration Defect Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may allow attackers to hijack the device and forge UIs to induce users to execute malicious commands.
38 CVE-2021-22343 2021-07-01 2021-07-06
6.4
None Remote Low Not required None Partial Partial
There is a Configuration Defect vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability.
39 CVE-2021-22326 269 2021-06-30 2021-11-02
6.6
None Local Low Not required Complete Complete None
A component of the HarmonyOS has a Privilege Dropping / Lowering Errors vulnerability. Local attackers may exploit this vulnerability to obtain Kernel space read/write capability.
40 CVE-2021-22311 276 2021-03-22 2021-03-24
6.5
None Remote Low ??? Partial Partial Partial
There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain users to do certain operations with improper permissions. Affected product versions include: ManageOne versions 8.0.0, 8.0.1.
41 CVE-2020-9242 78 2020-08-17 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently validate certain parameters post from user, successful exploit could allow an authenticated attacker to launch a command injection attack.
42 CVE-2020-9233 287 2020-08-17 2020-08-21
6.4
None Remote Low Not required None Partial Partial
FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services abnormal.
43 CVE-2020-9145 787 2021-01-13 2021-01-19
6.4
None Remote Low Not required Partial None Partial
There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory.
44 CVE-2020-9142 787 Overflow 2021-01-13 2021-01-19
6.4
None Remote Low Not required None Partial Partial
There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file.
45 CVE-2020-9141 345 2021-01-13 2021-07-21
6.4
None Remote Low Not required Partial Partial None
There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity.
46 CVE-2020-9139 20 DoS 2021-01-13 2021-01-19
6.4
None Remote Low Not required Partial None Partial
There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of this vulnerability can cause memory access errors and denial of service.
47 CVE-2020-9116 77 2020-12-01 2020-12-02
6.5
None Remote Low ??? Partial Partial Partial
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to cause the attackers to obtain higher privilege.
48 CVE-2020-1811 74 Exec Code 2020-02-18 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
GaussDB 200 with version of 6.5.1 have a command injection vulnerability. Due to insufficient input validation, remote attackers with low permissions could exploit this vulnerability by sending crafted commands to the affected device. Successful exploit could allow an attacker to execute commands.
49 CVE-2020-1790 74 2020-02-18 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
GaussDB 200 with version of 6.5.1 have a command injection vulnerability. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands.
50 CVE-2019-5238 Exec Code 2019-08-08 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versions before 9.0.1.70 (China) have a code execution vulnerability. Successful exploitation may cause the attacker to execute code and read/write information.
Total number of vulnerabilities : 74   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.