Vulnerabilities > Huawei > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-28 | CVE-2021-36995 | Unspecified vulnerability in Huawei Emui and Magic UI There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups. | 7.5 |
| 2021-10-28 | CVE-2021-36999 | Classic Buffer Overflow vulnerability in Huawei Emui and Magic UI There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution. | 7.8 |
| 2021-10-28 | CVE-2021-37001 | Unspecified vulnerability in Huawei Emui and Magic UI There is a Register tampering vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow the register value to be modified. | 7.5 |
| 2021-10-27 | CVE-2021-37127 | Improper Verification of Cryptographic Signature vulnerability in Huawei products There is a signature management vulnerability in some huawei products. | 7.2 |
| 2021-10-27 | CVE-2021-37129 | Out-of-bounds Write vulnerability in Huawei products There is an out of bounds write vulnerability in some Huawei products. | 7.5 |
| 2021-10-27 | CVE-2021-37130 | Path Traversal vulnerability in Huawei Fusioncube Firmware 6.0.2 There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is due to that the software uses external input to construct a pathname that is intended to identify a directory that is located underneath a restricted parent directory, but the software does not properly validate the pathname. | 7.5 |
| 2021-09-28 | CVE-2021-37104 | Server-Side Request Forgery (SSRF) vulnerability in Huawei P40 Firmware 10.1.0.118(C00E116R3P3) There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). | 7.5 |
| 2021-09-28 | CVE-2021-37105 | Unrestricted Upload of File with Dangerous Type vulnerability in Huawei Fusioncompute 6.5.0/6.5.1/8.0.0 There is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. | 7.5 |
| 2021-09-28 | CVE-2021-37106 | Command Injection vulnerability in Huawei Fusioncompute There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. | 7.2 |
| 2021-08-23 | CVE-2021-22328 | Unspecified vulnerability in Huawei products There is a denial of service vulnerability in some huawei products. | 7.5 |