cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-40008,https://securityvulnerability.io/vulnerability/CVE-2021-40008,Memory Leak Vulnerability in Huawei CloudEngine Series,"A memory leak has been identified in several models of Huawei's CloudEngine series. This issue arises from the software's inadequate management of allocated memory during the parsing of specially crafted binary messages. As a result, the system may fail to properly release memory, leading to an exhaustion of available resources. If exploited, this vulnerability could severely impact device performance and stability, making it critical for users to ensure that their systems are updated with the latest patches.",Huawei,Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-12-13T15:48:05.000Z,0
CVE-2021-39976,https://securityvulnerability.io/vulnerability/CVE-2021-39976,Privilege Escalation Vulnerability in Huawei CloudEngine 5800 Series,"A privilege escalation issue in the Huawei CloudEngine 5800 series allows authenticated local attackers to perform specific operations, potentially leading to the acquisition of higher-level access. The vulnerability arises from insufficient privilege restrictions, raising concerns regarding the overall security posture of affected network devices.",Huawei,Cloudengine 5800,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-11-23T14:53:41.000Z,0
CVE-2021-37122,https://securityvulnerability.io/vulnerability/CVE-2021-37122,Use-After-Free Vulnerability in Huawei CloudEngine Products,"A use-after-free vulnerability exists in Huawei CloudEngine products, enabling attackers to craft specific packets that can exploit this flaw. Successful attacks could lead to abnormal service disruptions, making it critical for users to ensure they are operating on secure and updated versions of these products.",Huawei,Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800,6.5,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2021-10-27T00:36:07.000Z,0
CVE-2021-22328,https://securityvulnerability.io/vulnerability/CVE-2021-22328,Denial of Service Vulnerability in Huawei CloudEngine Products,"A denial of service vulnerability exists in Huawei's CloudEngine series due to improper handling of network packets. This flaw allows an attacker to craft malicious packets that may disrupt service functionality, potentially causing significant service interruption. Affected versions include various models of the CloudEngine series, emphasizing the need for vigilance and timely updates to mitigate risks.",Huawei,Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-08-23T19:29:53.000Z,0
CVE-2021-22362,https://securityvulnerability.io/vulnerability/CVE-2021-22362,,"There is an out of bounds write vulnerability in some Huawei products. An attacker can exploit this vulnerability by sending crafted data in the packet to the target device. Due to insufficient validation of message, successful exploit can cause certain service abnormal.Affected product versions include:CloudEngine 12800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 5800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800@;CloudEngine 6800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R005C20SPC800,V200R019C00SPC800,V200R019C10SPC800;CloudEngine 7800 versions V200R002C50SPC800,V200R003C00SPC810,V200R005C00SPC800,V200R005C10SPC800,V200R019C00SPC800,V200R019C10SPC800.",Huawei,Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800,5.3,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2021-05-27T12:18:57.000Z,0
CVE-2021-22332,https://securityvulnerability.io/vulnerability/CVE-2021-22332,,"There is a pointer double free vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. When a function is called, the same memory pointer is copied to two functional modules. Attackers can exploit this vulnerability by performing a malicious operation to cause the pointer double free. This may lead to module crash, compromising normal service.",Huawei,Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-04-28T12:10:28.000Z,0
CVE-2021-22393,https://securityvulnerability.io/vulnerability/CVE-2021-22393,,"There is a denial of service vulnerability in some versions of CloudEngine 5800, CloudEngine 6800, CloudEngine 7800 and CloudEngine 12800. The affected product cannot deal with some messages because of module design weakness . Attackers can exploit this vulnerability by sending a large amount of specific messages to cause denial of service. This can compromise normal service.",Huawei,Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-04-28T11:36:48.000Z,0
CVE-2020-1865,https://securityvulnerability.io/vulnerability/CVE-2020-1865,,"There is an out-of-bounds read vulnerability in Huawei CloudEngine products. The software reads data past the end of the intended buffer when parsing certain PIM message, an adjacent attacker could send crafted PIM messages to the device, successful exploit could cause out of bounds read when the system does the certain operation.",Huawei,Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800,6.5,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2021-01-13T22:20:20.000Z,0
CVE-2020-9207,https://securityvulnerability.io/vulnerability/CVE-2020-9207,,There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass current verification mechanism. This can compromise normal service.,Huawei,"Cloudengine 12800,Cloudengine 5800,Cloudengine 6800,Cloudengine 7800",7.8,HIGH,0.0006099999882280827,false,,false,false,false,,,false,false,,2020-12-29T17:57:18.000Z,0
CVE-2020-9094,https://securityvulnerability.io/vulnerability/CVE-2020-9094,,There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by sending malicious packet. This can lead to denial of service.,Huawei,"Cloudengine 12800,Cloudengine 5800,Cloudengine 6800,Cloudengine 7800",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2020-12-29T17:28:53.000Z,0
CVE-2020-9124,https://securityvulnerability.io/vulnerability/CVE-2020-9124,,"There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause memory leak.",Huawei,"Cloudengine 12800,Cloudengine 5800,Cloudengine 6800,Cloudengine 7800",7.5,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2020-12-29T17:17:07.000Z,0
CVE-2020-9137,https://securityvulnerability.io/vulnerability/CVE-2020-9137,,"There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. Due to insufficient input validation, a local attacker with high privilege may execute some specially crafted scripts in the affected products. Successful exploit will cause privilege escalation.",Huawei,Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-12-24T15:47:56.000Z,0
CVE-2020-9102,https://securityvulnerability.io/vulnerability/CVE-2020-9102,,"There is a information leak vulnerability in some Huawei products, and it could allow a local attacker to get information. The vulnerability is due to the improper management of the username. An attacker with the ability to access the device and cause the username information leak. Affected product versions include: CloudEngine 12800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 5800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800; CloudEngine 6800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R002C50SPC800, V200R003C00SPC810, V200R005C00SPC800, V200R005C10SPC800, V200R019C00SPC800",Huawei,"Cloudengine 12800,Cloudengine 5800,Cloudengine 6800,Cloudengine 7800",3.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-07-17T23:15:00.000Z,0
CVE-2020-1870,https://securityvulnerability.io/vulnerability/CVE-2020-1870,,"There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100.",Huawei,"Cloudengine 12800,Cloudengine 5800,Cloudengine 6800,Cloudengine 7800,Ne40e,Ne40e-f,Ne40e-m",7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2020-05-29T19:13:26.000Z,0
CVE-2019-19414,https://securityvulnerability.io/vulnerability/CVE-2019-19414,,"There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.",Huawei,Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800;dbs3900 Tdd Lte;dp300;rp200;te30;te40;te50;te60,7.5,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2020-01-21T22:54:32.000Z,0
CVE-2019-19413,https://securityvulnerability.io/vulnerability/CVE-2019-19413,,"There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.",Huawei,Cloudengine 12800;cloudengine 5800;cloudengine 6800;cloudengine 7800;dbs3900 Tdd Lte;dp300;rp200;te30;te40;te50;te60,7.5,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2020-01-21T22:54:22.000Z,0
CVE-2016-8795,https://securityvulnerability.io/vulnerability/CVE-2016-8795,,"Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 7800 with software V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 8800 with software V100R006C00; and Secospace USG6600 with software V500R001C00 allow remote unauthenticated attackers to craft specific IPFPM packets to trigger an integer overflow and cause the device to reset.",Huawei,"Cloudengine 5800, Cloudengine 6800, Cloudengine 7800, Cloudengine 8800,cloudengine 12800, Secospace Usg6600 Cloudengine 12800 V100r002c00, V100r003c00, V100r003c10, V100r005c00, V100r005c10, V100r006c00,cloudengine 5800 V100r002c00, V100r003c00, V100r003c10, V100r005c00, V100r005c10, V100r006c00, Cloudengine 6800 V100r002c00, V100r003c00, V100r003c10, V100r005c00, V100r005c10, V100r006c00,cloudengine 7800 V100r003c00, V100r003c10, V100r005c00, V100r005c10, V100r006c00, Cloudengine 8800 V100r006c00, Secospace Usg6600 V500r001c00",5.9,MEDIUM,0.001019999966956675,false,,false,false,false,,,false,false,,2017-04-02T20:00:00.000Z,0
CVE-2016-8790,https://securityvulnerability.io/vulnerability/CVE-2016-8790,,"Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with software before V200R001C00SPC700, CloudEngine 12800 with software before V200R001C00SPC700 could allow the attacker to exploit a buffer overflow vulnerability by sending crafted packets to the affected system to cause a main control board reboot.",Huawei,"Cloudengine 5800,cloudengine 6800,cloudengine 7800,cloudengine 8800,cloudengine 12800 V100r003c10,v100r005c00,v100r005c10,v100r006c00",5.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2017-04-02T20:00:00.000Z,0