Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-22359

Summary
Assigner-huawei
Assigner Org ID-25ac1063-e409-4190-8079-24548c77ea2e
Published At-27 May, 2021 | 12:40
Updated At-03 Aug, 2024 | 18:44
Rejected At-
Credits

There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:huawei
Assigner Org ID:25ac1063-e409-4190-8079-24548c77ea2e
Published At:27 May, 2021 | 12:40
Updated At:03 Aug, 2024 | 18:44
Rejected At:
▼CVE Numbering Authority (CNA)

There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal.

Affected Products
Vendor
n/a
Product
S5700;S6700
Versions
Affected
  • V200R005C00SPC500
Problem Types
TypeCWE IDDescription
textN/ADenial of Service
Type: text
CWE ID: N/A
Description: Denial of Service
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en
x_refsource_MISC
Hyperlink: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en
x_refsource_MISC
x_transferred
Hyperlink: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@huawei.com
Published At:27 May, 2021 | 13:15
Updated At:04 Jun, 2021 | 19:34

There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker could exploit this vulnerability by sending specific message to a targeted device. Due to insufficient input validation, successful exploit can cause the service abnormal.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Huawei Technologies Co., Ltd.
huawei
>>s5700_firmware>>v200r005c00spc500
cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s5700>>-
cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700_firmware>>v200r005c00spc500
cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>s6700>>-
cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-enpsirt@huawei.com
Vendor Advisory
Hyperlink: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210519-02-dos-en
Source: psirt@huawei.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1526Records found
CVE-2020-9124
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.89%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 17:17
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-cloudengine_7800cloudengine_5800_firmwarecloudengine_5800cloudengine_6800_firmwarecloudengine_6800cloudengine_7800_firmwarecloudengine_12800cloudengine_12800_firmwareCloudEngine 5800CloudEngine 7800CloudEngine 12800CloudEngine 6800
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-9094
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 17:28
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-cloudengine_7800cloudengine_5800_firmwarecloudengine_5800cloudengine_6800_firmwarecloudengine_6800cloudengine_7800_firmwarecloudengine_12800cloudengine_12800_firmwareCloudEngine 5800CloudEngine 7800CloudEngine 12800CloudEngine 6800
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9223
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.72%
||
7 Day CHG~0.00%
Published-29 Dec, 2020 | 17:59
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial of service (DoS) on the specific module.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-yale-l21a_firmwarehonor_20_prohonor_20_pro_firmwareyale-l61a_firmwareprinceton-al10d_firmwareprinceton-al10dyale-l21ayale-l61aYale-L61AYale-L21AHONOR 20 PROPrinceton-AL10D
CVE-2020-9098
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.07%
||
7 Day CHG~0.00%
Published-30 Apr, 2020 | 21:25
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulnerability. The software system access an invalid pointer when attacker malformed packet. Due to the insufficient validation of some parameter, successful exploit could cause device reboot.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-oceanstor_5310_firmwareoceanstor_5310OceanStor 5310 V5
CWE ID-CWE-763
Release of Invalid Pointer or Reference
CVE-2020-9158
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.10%
||
7 Day CHG~0.00%
Published-01 Jul, 2021 | 11:21
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause DoS of Samgr.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiEMUI, Magic UI
CVE-2023-41309
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.99%
||
7 Day CHG~0.00%
Published-26 Sep, 2023 | 01:19
Updated-24 Sep, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the MediaPlaybackController module. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-41302
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.07%
||
7 Day CHG~0.00%
Published-25 Sep, 2023 | 12:16
Updated-24 Sep, 2024 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Redirection permission verification vulnerability in the home screen module. Successful exploitation of this vulnerability may cause features to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-41307
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.14%
||
7 Day CHG~0.00%
Published-26 Sep, 2023 | 01:16
Updated-24 Sep, 2024 | 20:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory overwriting vulnerability in the security module. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-41299
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.13% / 33.77%
||
7 Day CHG~0.00%
Published-25 Sep, 2023 | 11:41
Updated-24 Sep, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-54635
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.9||MEDIUM
EPSS-0.02% / 2.27%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 02:30
Updated-11 Aug, 2025 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of returning released pointers in the distributed notification service. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-416
Use After Free
CVE-2023-41301
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.76%
||
7 Day CHG~0.00%
Published-25 Sep, 2023 | 12:08
Updated-24 Sep, 2024 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of unauthorized API access in the PMS module. Successful exploitation of this vulnerability may cause features to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-54609
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 2.05%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 01:14
Updated-12 Aug, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-54610
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 2.05%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 01:15
Updated-12 Aug, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2025-53181
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:22
Updated-09 Jul, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53183
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:29
Updated-09 Jul, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53179
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:16
Updated-09 Jul, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53182
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:24
Updated-09 Jul, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53180
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:20
Updated-09 Jul, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-53184
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-07 Jul, 2025 | 02:35
Updated-09 Jul, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-36601
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.05%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 17:58
Updated-04 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write vulnerability in the kernel modules. Successful exploitation of this vulnerability may cause a panic reboot.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2015-8231
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.04%
||
7 Day CHG~0.00%
Published-11 Jan, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified packets.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-espace_7950espace_7910n/a
CVE-2023-39395
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.11% / 29.72%
||
7 Day CHG~0.00%
Published-13 Aug, 2023 | 12:31
Updated-09 Oct, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-19
Not Available
CVE-2023-39409
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.13% / 33.77%
||
7 Day CHG~0.00%
Published-25 Sep, 2023 | 10:50
Updated-24 Sep, 2024 | 14:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-39406
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.42%
||
7 Day CHG~0.00%
Published-13 Aug, 2023 | 12:42
Updated-09 Oct, 2024 | 16:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the XLayout component. Successful exploitation of this vulnerability may cause apps to forcibly restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-264
Not Available
CVE-2023-39380
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.37%
||
7 Day CHG~0.00%
Published-13 Aug, 2023 | 11:39
Updated-10 Oct, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause audio devices to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-264
Not Available
CWE ID-CWE-306
Missing Authentication for Critical Function
CWE ID-CWE-287
Improper Authentication
CVE-2023-39408
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.42%
||
7 Day CHG~0.00%
Published-25 Sep, 2023 | 08:51
Updated-24 Sep, 2024 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-5275
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.91%
||
7 Day CHG~0.00%
Published-26 Dec, 2019 | 18:36
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial of service attack on the affected products.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500_firmwareusg9500USG9500
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-5294
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.45% / 62.87%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 16:12
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ar2200_firmwarear1200ar3200_firmwarear2200srg1300srg1300_firmwaresrg3300_firmwaresrg2300_firmwaresrg3300netengine16exar120-s_firmwarear1200-s_firmwarear200-sar120-sar150-sar160srg2300ar150_firmwarear2200-sar150-s_firmwarear1200-sar3600ar150ar3200ar1200_firmwarear200-s_firmwarear200ar3600_firmwarear160_firmwarear2200-s_firmwarear200_firmwarenetengine16ex_firmwareAR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,NetEngine16EX,SRG1300,SRG2300,SRG3300
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-39396
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.68%
||
7 Day CHG~0.00%
Published-13 Aug, 2023 | 11:35
Updated-10 Oct, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2019-5274
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.21%
||
7 Day CHG~0.00%
Published-26 Dec, 2019 | 18:42
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in an infinite loop, an attacker may exploit the vulnerability via a malicious certificate to perform a denial of service attack on the affected products.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500_firmwareusg9500USG9500
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2019-5289
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.28%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 16:03
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication channels. Successful exploit of this vulnerability could allow the attacker to crash the database on the standby node.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-manageoneManageOne
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-5273
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.27%
||
7 Day CHG~0.00%
Published-26 Dec, 2019 | 18:49
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a denial of service on the affected products.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500_firmwareusg9500USG9500
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-5304
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.16%
||
7 Day CHG~0.00%
Published-03 Jan, 2020 | 14:33
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-ar2200_firmwares6700ips_modulear1200ar3200_firmwarear2200srg1300srg1300_firmwaresecospace_usg6300srg3300_firmwarenip6300_firmwaresrg2300_firmwaresrg3300netengine16exar120-s_firmwarear1200-s_firmwarenip6600ngfw_modulear200-sar120-sar150-sar160srg2300secospace_usg6500_firmwarear150_firmwarear2200-snip6300secospace_usg6500ips_module_firmwarear150-s_firmwaresecospace_usg6600_firmwarear1200-sar3600ar150ar3200ngfw_module_firmwarear1200_firmwarear200-s_firmwarear200s5700_firmwares6700_firmwarear3600_firmwarear160_firmwarear2200-s_firmwaresecospace_antiddos8000_firmwarear200_firmwarenip6600_firmwares5700secospace_antiddos8000netengine16ex_firmwaresecospace_usg6600secospace_usg6300_firmwareAR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600;IPS Module;NGFW Module;NIP6300;NIP6600;NetEngine16EX;S5700;S6700;SRG1300;SRG2300;SRG3300;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-39397
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.13% / 32.66%
||
7 Day CHG~0.00%
Published-13 Aug, 2023 | 12:32
Updated-09 Oct, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Input parameter verification vulnerability in the communication system. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-39384
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.37%
||
7 Day CHG~0.00%
Published-13 Aug, 2023 | 11:45
Updated-10 Oct, 2024 | 14:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-264
Not Available
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-37239
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.04% / 9.49%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 12:27
Updated-19 Nov, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2019-19414
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.33% / 54.98%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 22:54
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-te60_firmwarete30_firmwaredbs3900_tdd_lte_firmwaredp300dbs3900_tdd_lterp200te40_firmwarete60dp300_firmwarete40te30te50_firmwarete50rp200_firmwareCloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-34161
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.07% / 23.02%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-12 Dec, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

nappropriate authorization vulnerability in the SettingsProvider module.Successful exploitation of this vulnerability may cause features to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CWE ID-CWE-863
Incorrect Authorization
CVE-2019-19413
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.33% / 54.98%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 22:54
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-te60_firmwarete30_firmwaredbs3900_tdd_lte_firmwaredp300dbs3900_tdd_lterp200te40_firmwarete60dp300_firmwarete40te30te50_firmwarete50rp200_firmwareCloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-34162
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.90%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-12 Dec, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Version update determination vulnerability in the user profile module.Successful exploitation of this vulnerability may cause repeated HMS Core updates and cause services to fail.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CVE-2023-34166
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.10% / 28.60%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-12 Dec, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful exploitation of this vulnerability may cause the system to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-34155
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.90%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-17 Dec, 2024 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of unauthorized calling on HUAWEI phones and tablets.Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CVE-2022-29793
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.33%
||
7 Day CHG~0.00%
Published-13 May, 2022 | 15:05
Updated-03 Aug, 2024 | 06:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosHarmonyOS;EMUI;Magic UI
CVE-2023-34163
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.90%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-12 Dec, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Permission control vulnerability in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CVE-2023-34164
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.90%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 12:35
Updated-19 Nov, 2024 | 17:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-37117
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.56%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 21:07
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosMagic UIEMUIHarmony OS
CVE-2022-48492
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.86%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-17 Dec, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiEMUI
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2022-48490
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.68%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-17 Dec, 2024 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiEMUI
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-58112
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.76%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:37
Updated-07 May, 2025 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Exception capture failure vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-248
Uncaught Exception
CVE-2024-58107
Matching Score-8
Assigner-Huawei Technologies
ShareView Details
Matching Score-8
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.03% / 6.51%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 03:33
Updated-07 May, 2025 | 20:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 30
  • 31
  • Next
Details not found