Huawei : Security Vulnerabilities (CVSS score between 8 and 8.99)
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2021-37016 |
125 |
|
DoS |
2021-11-23 |
2021-11-29 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause Information Disclosure or Denial of Service. |
2 |
CVE-2017-8135 |
77 |
|
+Priv |
2017-11-22 |
2017-12-27 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. |
3 |
CVE-2017-8134 |
77 |
|
+Priv |
2017-11-22 |
2017-12-06 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. |
4 |
CVE-2017-8132 |
77 |
|
+Priv |
2017-11-22 |
2017-12-06 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. |
5 |
CVE-2017-8131 |
77 |
|
+Priv |
2017-11-22 |
2017-12-06 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. |
6 |
CVE-2017-2719 |
77 |
|
+Priv |
2017-11-22 |
2017-12-08 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. |
7 |
CVE-2017-2718 |
77 |
|
+Priv |
2017-11-22 |
2020-07-28 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. |
8 |
CVE-2013-4629 |
255 |
|
|
2013-06-20 |
2013-06-21 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception method. |
Total number of vulnerabilities :
8
Page :
1
(This Page)