Vulnerabilities > Huawei > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-08 | CVE-2015-2252 | Code Injection vulnerability in Huawei Oceanstor UDS Firmware V100R002C01Spc101 Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to execute arbitrary code with root privileges via a crafted UDS patch with shell scripts. | 9.3 |
| 2017-04-02 | CVE-2016-8801 | Command Injection vulnerability in Huawei Oceanstor 5600 V3 Firmware Huawei OceanStor 5600 V3 with V300R003C00C10 and earlier versions allows attackers with administrator privilege to inject a command into a specific command's parameters, and run this injected command with root privilege. | 9.0 |
| 2017-04-02 | CVE-2016-8768 | 7PK - Security Features vulnerability in Huawei products Huawei Honor 6, Honor 6 Plus, Honor 7 phones with software versions earlier than 6.9.16 could allow attackers to disable the PXN defense mechanism by invoking related drive code to crash the system or escalate privilege. | 9.3 |
| 2017-04-02 | CVE-2016-8763 | Improper Control of a Resource Through its Lifetime vulnerability in Huawei P8 Lite Firmware, P9 Firmware and P9 Lite Firmware The TrustZone driver in Huawei P9 phones with software Versions earlier than EVA-AL10C00B352 and P9 Lite with software VNS-L21C185B130 and earlier versions and P8 Lite with software ALE-L02C636B150 and earlier versions has an improper resource release vulnerability, which allows attackers to cause a system restart or privilege elevation. | 9.3 |
| 2017-04-02 | CVE-2016-8761 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 6 Firmware, P9 Firmware and P9 Plus Firmware Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | 9.3 |
| 2017-04-02 | CVE-2016-8760 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 6 Firmware, P9 Firmware and P9 Plus Firmware Touchscreen driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a heap overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | 9.3 |
| 2017-04-02 | CVE-2016-8759 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 6 Firmware, P9 Firmware and P9 Plus Firmware Video driver in Huawei P9 phones with software versions before EVA-AL10C00B192 and Huawei Honor 6 phones with software versions before H60-L02_6.10.1 has a stack overflow vulnerability, which allows attackers to crash the system or escalate user privilege. | 9.3 |
| 2017-03-24 | CVE-2016-6206 | Improper Input Validation vulnerability in Huawei Ar3200 Firmware Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. | 10.0 |
| 2016-10-03 | CVE-2016-8276 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products Buffer overflow in the Point-to-Point Protocol over Ethernet (PPPoE) module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600, when CHAP authentication is configured on the server, allows remote attackers to cause a denial of service (server restart) or execute arbitrary code via crafted packets sent during authentication. | 9.3 |
| 2016-09-07 | CVE-2016-7110 | Code Injection vulnerability in Huawei UMA Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 allows remote attackers to execute arbitrary commands via "special characters," a different vulnerability than CVE-2016-7109. | 10.0 |