Vulnerabilities > Huawei > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-22 | CVE-2017-15313 | Injection vulnerability in Huawei Smartcare V200R003C10 Huawei SmartCare V200R003C10 has a CSV injection vulnerability. | 8.8 |
| 2017-12-22 | CVE-2017-15311 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 Pro Huawei smart phones with software before ALP-AL00 8.0.0.120(SP2C00), before BLA-AL00 8.0.0.120(SP2C00), before MHA-AL00B 8.0.0.334(C00), and before LON-AL00B 8.0.0.334(C00) have a stack overflow vulnerability due to the lack of parameter validation. | 8.8 |
| 2017-12-22 | CVE-2017-15309 | Path Traversal vulnerability in Huawei Ireader Huawei iReader app before 8.0.2.301 has a path traversal vulnerability due to insufficient validation on file storage paths. | 7.1 |
| 2017-12-22 | CVE-2017-15308 | Improper Input Validation vulnerability in Huawei Ireader Huawei iReader app before 8.0.2.301 has an input validation vulnerability due to insufficient validation on the URL used for loading network data. | 8.8 |
| 2017-12-11 | CVE-2014-8358 | Untrusted Search Path vulnerability in Huawei Ec156 Firmware, Ec176 Firmware and Ec177 Firmware Huawei EC156, EC176, and EC177 USB Modem products with software before UTPS-V200R003B015D02SP07C1014 (23.015.02.07.1014) and before V200R003B015D02SP08C1014 (23.015.02.08.1014) use a weak ACL for the "Mobile Partner" directory, which allows remote attackers to gain SYSTEM privileges by compromising a low privilege account and modifying Mobile Partner.exe. | 7.8 |
| 2017-11-22 | CVE-2017-8212 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. | 7.8 |
| 2017-11-22 | CVE-2017-8211 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. | 7.8 |
| 2017-11-22 | CVE-2017-8210 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. | 7.8 |
| 2017-11-22 | CVE-2017-8209 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. | 7.8 |
| 2017-11-22 | CVE-2017-8208 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Honor 5C Firmware and Honor 6X Firmware The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. | 7.8 |