Vulnerabilities > Huawei > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-04-13 | CVE-2016-1496 | Resource Management Errors vulnerability in Huawei P8 Firmware The graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 allows attackers to cause a denial of service (system crash) via a crafted application, aka a "semaphore deadlock issue." | 5.5 |
| 2016-04-13 | CVE-2015-8682 | Improper Input Validation vulnerability in Huawei Mate S Firmware and P8 Firmware The Video0 driver in Huawei P8 smartphones with software GRA-UL00 before GRA-UL00C00B350, GRA-UL10 before GRA-UL10C00B350, GRA-TL00 before GRA-TL00C01B350, GRA-CL00 before GRA-CL00C92B350, and GRA-CL10 before GRA-CL10C92B350 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allows attackers to obtain sensitive information from stack memory or cause a denial of service (system crash) via a crafted application, which triggers an invalid memory access. | 6.1 |
| 2016-04-11 | CVE-2016-3676 | 7PK - Security Features vulnerability in Huawei E3276S Firmware E3276S150Tcpuv200R002B250D04Sp00C00 Huawei E3276s USB modems with software before E3276s-150TCPU-V200R002B436D09SP00C00 allow man-in-the-middle attackers to intercept, spoof, or modify network traffic via unspecified vectors related to a fake network. | 6.4 |
| 2016-04-07 | CVE-2015-8679 | Improper Access Control vulnerability in Huawei Mate S Firmware and P8 Firmware The Maxim_smartpa_dev driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230 and Mate S smartphones with software CRR-TL00 before CRR-TL00C01B160SP01, CRR-UL00 before CRR-UL00C00B160, and CRR-CL00 before CRR-CL00C92B161 allow attackers to cause a denial of service (system crash) via a crafted application, which triggers an invalid memory access. | 5.5 |
| 2016-04-07 | CVE-2015-8305 | Improper Input Validation vulnerability in Huawei P7 Firmware P7L07V100R001C01B606/P7L10C900B852 Huawei Sophia-L10 smartphones with software before P7-L10C900B852 allow attackers to cause a denial of service (system panic) via a crafted application with the system or camera privilege. | 5.5 |
| 2016-02-15 | CVE-2016-2314 | Code vulnerability in Huawei Mt882 Firmware V200R002B022Arg GlobespanVirata ftpd 1.0, as used on Huawei SmartAX MT882 devices V200R002B022 Arg, allows remote authenticated users to cause a denial of service (device outage) by using the FTP MKD command to create a directory with a long name, and then using certain other commands. | 4.9 |
| 2016-02-08 | CVE-2016-2214 | Cross-site Scripting vulnerability in Huawei Agile Controller-Campus V100R001C00Spc315 Cross-site scripting (XSS) vulnerability in an unspecified portal authentication page in Huawei Agile Controller-Campus with software before V100R001C00SPC319 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 6.1 |
| 2016-01-15 | CVE-2015-8675 | Credentials Management vulnerability in Huawei S5300 Firmware V200R005C02 Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password when uploading files, which allows physically proximate attackers to obtain sensitive password information by reading the display. | 6.2 |
| 2016-01-12 | CVE-2015-8673 | Credentials Management vulnerability in Huawei products Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 do not require entry of the old password when changing the password for the Debug account, which allows physically proximate attackers to change the password by leveraging an unattended workstation. | 6.8 |
| 2016-01-12 | CVE-2015-8672 | Data Processing Errors vulnerability in Huawei Te60 Firmware The presentation transmission permission management mechanism in Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R001C10SPC100 allows remote attackers to cause a denial of service (wired presentation outage) via unspecified vectors involving a wireless presentation. | 5.3 |