Vulnerabilities > Huawei > High

DATE CVE VULNERABILITY TITLE RISK
2016-04-13 CVE-2016-2780 Unspecified vulnerability in Huawei Utps Firmware 23.009.09.00.983
Untrusted search path vulnerability in Huawei UTPS before UTPS-V200R003B015D15SP00C983 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in an unspecified directory.
local
low complexity
huawei
7.8
2016-04-13 CVE-2016-1495 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate S Firmware
Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, which triggers a heap-based buffer overflow.
local
low complexity
huawei CWE-119
7.8
2016-04-13 CVE-2015-8304 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P7 Firmware P7L07V100R001C01B606
Integer overflow in Huawei P7 phones with software before P7-L07 V100R001C01B606 allows remote attackers to gain privileges via a crafted application with the system or camera permission.
local
low complexity
huawei CWE-119
7.8
2016-04-12 CVE-2016-2405 Permissions, Privileges, and Access Controls vulnerability in Huawei Policy Center Firmware V100R003C10
Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to gain privileges and cause a denial of service (system crash) via a crafted URL.
network
low complexity
huawei CWE-264
8.8
2016-04-11 CVE-2016-3678 Improper Input Validation vulnerability in Huawei products
Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012 allow remote attackers to cause a denial of service (switch restart) via crafted traffic.
network
low complexity
huawei CWE-20
7.5
2016-04-11 CVE-2016-3675 SQL Injection vulnerability in Huawei Policy Center Firmware V100R003C00/V100R003C10
SQL injection vulnerability in Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to system databases.
network
low complexity
huawei CWE-89
8.1
2016-04-07 CVE-2015-8681 Improper Access Control vulnerability in Huawei Mate S Firmware and P8 Firmware
The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the camera permission, aka an "interface access control vulnerability."
local
low complexity
huawei CWE-284
7.8
2016-04-07 CVE-2015-8680 Improper Access Control vulnerability in Huawei Mate S Firmware, P8 and P8 Firmware
The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application with the graphics permission, aka an "interface access control vulnerability," a different vulnerability than CVE-2015-8307.
local
low complexity
huawei CWE-284
7.8
2016-04-07 CVE-2015-8319 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate S Firmware and P8 Firmware
Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8318.
local
low complexity
huawei CWE-119
7.8
2016-04-07 CVE-2015-8318 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei Mate S Firmware and P8 Firmware
Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to cause a denial of service (system crash) or gain privileges via a crafted application, a different vulnerability than CVE-2015-8319.
local
low complexity
huawei CWE-119
7.8