CVSS: 7.8EPSS: 0%CPEs: 146EXPL: 0CVE-2019-5304
https://notcve.org/view.php?id=CVE-2019-5304
03 Jan 2020 — Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset. Algunos productos de Huawei tienen una vulnerabilidad de error de búfer. Un atacante remoto no identificado podría enviar mensajes MPLS Echo Request específicos hacia los productos de destino. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200102-01-buffer-en • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 82EXPL: 0CVE-2019-5259
https://notcve.org/view.php?id=CVE-2019-5259
16 Dec 2019 — There is an information leakage vulnerability on some Huawei products(AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). An attacker with low permissions can view some high-privilege information by running specific commands.Successful exploit could cause an information disclosure condition. Se presenta una vulnerabilidad de filtrado de información en algunos productos Huawei (AR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600). Un a... • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191211-01-vrp-en • CWE-269: Improper Privilege Management •
CVSS: 5.9EPSS: 0%CPEs: 87EXPL: 0CVE-2019-5291
https://notcve.org/view.php?id=CVE-2019-5291
13 Dec 2019 — Some Huawei products have an insufficient verification of data authenticity vulnerability. A remote, unauthenticated attacker has to intercept specific packets between two devices, modify the packets, and send the modified packets to the peer device. Due to insufficient verification of some fields in the packets, an attacker may exploit the vulnerability to cause the target device to be abnormal. Algunos productos Huawei presentan una comprobación insuficiente de una vulnerabilidad de autenticidad de datos.... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-validation-en • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.5EPSS: 0%CPEs: 47EXPL: 0CVE-2019-5293
https://notcve.org/view.php?id=CVE-2019-5293
13 Nov 2019 — Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service to be abnormal. Algunos productos de Huawei tienen una vulnerabilidad de pérdida de memoria cuando manejan algunos mensajes. Un atacante remoto con privilegio de operación podría explotar la vulnerabilidad mediante el envío continuo de mensajes específicos. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-memory-en • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 62EXPL: 0CVE-2019-5294
https://notcve.org/view.php?id=CVE-2019-5294
13 Nov 2019 — There is an out of bound read vulnerability in some Huawei products. A remote, unauthenticated attacker may send a corrupt or crafted message to the affected products. Due to a buffer read overflow error when parsing the message, successful exploit may cause some service to be abnormal. hay una vulnerabilidad de lectura fuera de límite en algunos productos Huawei. Un atacante remoto no autenticado puede enviar un mensaje corrupto o especialmente diseñado en los productos afectados. Debido a un error de desb... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191023-01-buffer-en • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 148EXPL: 0CVE-2017-17301
https://notcve.org/view.php?id=CVE-2017-17301
15 Feb 2018 — Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 33EXPL: 0CVE-2016-8797
https://notcve.org/view.php?id=CVE-2016-8797
02 Apr 2017 — Huawei AR3200 with software V200R007C00, V200R005C32, V200R005C20; S12700 with software V200R008C00, V200R007C00; S5300 with software V200R008C00, V200R007C00, V200R006C00; S5700 with software V200R008C00, V200R007C00, V200R006C00; S6300 with software V200R008C00, V200R007C00; S6700 with software V200R008C00, V200R007C00; S7700 with software V200R008C00, V200R007C00, V200R006C00; S9300 with software V200R008C00, V200R007C00, V200R006C00; and S9700 with software V200R008C00, V200R007C00, V200R006C00 allow re... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 1%CPEs: 25EXPL: 0CVE-2016-6206
https://notcve.org/view.php?id=CVE-2016-6206
24 Mar 2017 — Huawei AR3200 routers with software before V200R007C00SPC600 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted packet. Los routers Huawei AR3200 con software en versiones anteriores a V200R007C00SPC600 permiten a atacantes remotos provocar una denegación de servicio o ejecutar código arbitrario a través de un paquete manipulado. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160713-01-router-en • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-5368
https://notcve.org/view.php?id=CVE-2016-5368
30 Jun 2016 — Memory leak in Huawei AR3200 before V200R007C00SPC900 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted Multiprotocol Label Switching (MPLS) packets. Fuga de memoria en Huawei AR3200 en versiones anteriores a V200R007C00SPC900 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de un gran número de paquetes Multiprotocol Label Switching (MPLS) manipulados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160608-01-mpls-en • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3950
https://notcve.org/view.php?id=CVE-2016-3950
18 Apr 2016 — Huawei AR3200 routers with software before V200R006C10SPC300 allow remote authenticated users to cause a denial of service (restart) via crafted packets. Routers Huawei AR3200 con software anterior a V200R006C10SPC300 permiten a usuarios remotos autenticados provocar una denegación de servicio (reinicio) a través de paquetes manipulados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160406-01-ar-en • CWE-20: Improper Input Validation •