Vulnerabilities > Huawei > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-13 | CVE-2020-9145 | Out-of-bounds Write vulnerability in Huawei Emui and Magic UI There is an Out-of-bounds Write vulnerability in some Huawei smartphone. | 9.1 |
| 2021-01-13 | CVE-2020-9144 | Out-of-bounds Write vulnerability in Huawei Emui and Magic UI There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnerability to cause heap overflows due to improper restriction of operations within the bounds of a memory buffer. | 9.8 |
| 2020-08-17 | CVE-2020-9233 | Improper Authentication vulnerability in Huawei Fusioncompute 8.0.0 FusionCompute 8.0.0 have an insufficient authentication vulnerability. | 9.1 |
| 2020-06-08 | CVE-2020-9099 | Improper Authentication vulnerability in Huawei products Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6600; USG9500 with versions of V500R001C00; V500R001C20; V500R001C30; V500R001C50; V500R001C60; V500R001C80; V500R005C00; V500R005C10; V500R005C20; V500R002C00; V500R002C10; V500R002C20; V500R002C30 have an improper authentication vulnerability. | 9.8 |
| 2020-04-27 | CVE-2020-9068 | Improper Authentication vulnerability in Huawei Ar3200 Firmware Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V200R007C00SPCc00, V200R009C00SPC500 have an improper authentication vulnerability. | 9.8 |
| 2020-02-10 | CVE-2020-8840 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. | 9.8 |
| 2020-01-27 | CVE-2013-2612 | OS Command Injection vulnerability in Huawei E587 Firmware 11.203.27 Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI. | 9.8 |
| 2019-12-26 | CVE-2019-19398 | Improper Input Validation vulnerability in Huawei M5 Lite 10 Firmware 8.0.0.182(C00) M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input validation vulnerability. | 9.8 |
| 2019-05-16 | CVE-2019-0708 | Use After Free vulnerability in multiple products A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. | 9.8 |
| 2019-03-13 | CVE-2015-2254 | Information Exposure vulnerability in Huawei Oceanstor UDS Firmware Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to capture and change patch loading information resulting in the deletion of directory files and compromise of system functions when loading a patch. | 9.1 |