Vulnerabilities > Huawei > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-22 | CVE-2017-8188 | Command Injection vulnerability in Huawei Fusionsphere Openstack V100R006C00Spc102(Nfv) FusionSphere OpenStack V100R006C00SPC102(NFV)has a command injection vulnerability. | 7.2 |
| 2017-11-22 | CVE-2017-8185 | Exposure of Resource to Wrong Sphere vulnerability in Huawei Me906S-158 Firmware ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability. | 7.8 |
| 2017-11-22 | CVE-2017-8181 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei MTK Platform Smart Phone Firmware The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation. | 7.8 |
| 2017-11-22 | CVE-2017-8180 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei MTK Platform Smart Phone Firmware The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation. | 7.8 |
| 2017-11-22 | CVE-2017-8179 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei MTK Platform Smart Phone Firmware The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an attacker tricks a user into installing a malicious application which has special privilege and sends a specific parameter to the driver of the smart phone, causing privilege escalation. | 7.8 |
| 2017-11-22 | CVE-2017-8174 | Inadequate Encryption Strength vulnerability in Huawei products Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. | 7.5 |
| 2017-11-22 | CVE-2017-8170 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Vie-L09 Firmware Viel09C02B131/Viel09C25B120/Viel09C40B181 Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. | 7.8 |
| 2017-11-22 | CVE-2017-8169 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Vie-L09 Firmware Viel09C02B131/Viel09C25B120/Viel09C40B181 Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. | 7.8 |
| 2017-11-22 | CVE-2017-8167 | Improper Input Validation vulnerability in Huawei Usg9500 Firmware V500R001C50 Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability.A remote attacker who controls the peer device could exploit the vulnerability by sending malformed IKE packets to the target device. | 7.5 |
| 2017-11-22 | CVE-2017-8160 | Use After Free vulnerability in Huawei products The Madapt Driver of some Huawei smart phones with software Earlier than Vicky-AL00AC00B172 versions,Vicky-AL00CC768B122,Vicky-TL00AC01B167,Earlier than Victoria-AL00AC00B172 versions,Victoria-TL00AC00B123,Victoria-TL00AC01B167 has a use after free (UAF) vulnerability. | 7.8 |