Vulnerabilities > Huawei
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-04-13 | CVE-2015-8682 | Improper Input Validation vulnerability in Huawei Mate S Firmware and P8 Firmware The Video0 driver in Huawei P8 smartphones with software GRA-UL00 before GRA-UL00C00B350, GRA-UL10 before GRA-UL10C00B350, GRA-TL00 before GRA-TL00C01B350, GRA-CL00 before GRA-CL00C92B350, and GRA-CL10 before GRA-CL10C92B350 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to obtain sensitive information from stack memory or cause a denial of service (system crash) via a crafted application, which triggers an invalid memory access. | 6.1 |
| 2016-04-13 | CVE-2015-8304 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P7 Firmware P7L07V100R001C01B606 Integer overflow in Huawei P7 phones with software before P7-L07 V100R001C01B606 allows remote attackers to gain privileges via a crafted application with the system or camera permission. | 7.8 |
| 2016-04-12 | CVE-2016-2405 | Permissions, Privileges, and Access Controls vulnerability in Huawei Policy Center Firmware V100R003C10 Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to gain privileges and cause a denial of service (system crash) via a crafted URL. | 8.8 |
| 2016-04-11 | CVE-2016-3678 | Improper Input Validation vulnerability in Huawei products Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic. | 7.5 |
| 2016-04-11 | CVE-2016-3676 | 7PK - Security Features vulnerability in Huawei E3276S Firmware E3276S150Tcpuv200R002B250D04Sp00C00 Huawei E3276s USB modems with software before E3276s-150TCPU-V200R002B436D09SP00C00 allow man-in-the-middle attackers to intercept, spoof, or modify network traffic via unspecified vectors related to a fake network. | 6.4 |
| 2016-04-11 | CVE-2016-3675 | SQL Injection vulnerability in Huawei Policy Center Firmware V100R003C00/V100R003C10 SQL injection vulnerability in Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to system databases. | 8.1 |
| 2016-04-07 | CVE-2015-8681 | Improper Access Control vulnerability in Huawei Mate S Firmware and P8 Firmware The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the camera permission, aka an "interface access control vulnerability." | 7.8 |
| 2016-04-07 | CVE-2015-8680 | Improper Access Control vulnerability in Huawei Mate S Firmware, P8 and P8 Firmware The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the graphics permission, aka an "interface access control vulnerability," a different vulnerability than CVE-2015-8307. | 7.8 |
| 2016-04-07 | CVE-2015-8679 | Improper Access Control vulnerability in Huawei Mate S Firmware and P8 Firmware The Maxim_smartpa_dev driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allow attackers to cause a denial of service (system crash) via a crafted application, which triggers an invalid memory access. | 5.5 |
| 2016-04-07 | CVE-2015-8319 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate S Firmware and P8 Firmware Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8318. | 7.8 |