|
247871
|
5.5 |
MEDIUM
Local
|
huawei
|
honor_5c_firmware
p9_lite_firmware
|
Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 has a DoS vulnerability. An attacker may trick a …
|
CWE-20
Improper Input Validation
|
CVE-2017-8143
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247872
|
7.8 |
HIGH
Local
|
huawei
|
p10_plus_firmware
|
The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. An attacker with the root privilege of the Android sys…
|
CWE-415
Double Free
|
CVE-2017-8141
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247873
|
7.8 |
HIGH
Local
|
huawei
|
p9_plus_firmware
|
The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious appl…
|
CWE-415
Double Free
|
CVE-2017-8140
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247874
|
6.1 |
MEDIUM
Network
|
huawei
|
hedex_lite
|
HedEx Earlier than V200R006C00 versions have the stored cross-site scripting (XSS) vulnerability. Attackers can exploit the vulnerability to plant malicious scripts into the configuration file to int…
|
CWE-79
Cross-site Scripting
|
CVE-2017-8139
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247875
|
7.5 |
HIGH
Network
|
huawei
|
ac6005_firmware
ac6605_firmware
ar1200_firmware
ar200_firmware
ar3200_firmware
cloudengine_12800_firmware
cloudengine_5800_firmware
cloudengine_6800_firmware
cloudengine_7800_…
|
AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,Clou…
|
CWE-20
Improper Input Validation
|
CVE-2017-8147
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247876
|
7.8 |
HIGH
Local
|
huawei
|
mate_9_firmware
mate_9_pro_firmware
|
The Trusted Execution Environment (TEE) module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use a…
|
CWE-416
Use After Free
|
CVE-2017-8142
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247877
|
8.8 |
HIGH
Network
|
huawei
|
hedex_lite
|
HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper wi…
|
CWE-352
Origin Validation Error
|
CVE-2017-8138
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247878
|
7.8 |
HIGH
Local
|
huawei
|
hedex_lite
|
HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. An attacker could exploit this vulnerability…
|
CWE-426
Untrusted Search Path
|
CVE-2017-8137
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247879
|
5.5 |
MEDIUM
Local
|
huawei
|
hedex_lite
|
HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a target device to cause information leak.
|
CWE-200
Information Exposure
|
CVE-2017-8136
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247880
|
8.8 |
HIGH
Adjacent
|
huawei
|
fusionsphere_openstack
|
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. An unauthenticated att…
|
CWE-77
Command Injection
|
CVE-2017-8135
|
2024-11-21 12:33 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
