cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-40007,https://securityvulnerability.io/vulnerability/CVE-2021-40007,Information Leak in eCNS280_TD by Huawei,"An information leak vulnerability exists in Huawei's eCNS280_TD V100R005C10SPC650 product due to improper management of log output. Attackers with access to the device's log files may exploit this vulnerability to disclose sensitive information, potentially compromising system integrity. It is essential for users to mitigate this risk by implementing strict access controls and regularly monitoring their log management practices.",Huawei,Ecns280 Td,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2021-12-13T15:48:04.000Z,0
CVE-2021-39995,https://securityvulnerability.io/vulnerability/CVE-2021-39995,Out-of-Bounds Read Vulnerability in Huawei OpenHpi Software,"An out-of-bounds read vulnerability has been identified in certain Huawei products using OpenHpi software for hardware management. This flaw occurs in a function that processes data returned from OpenHpi, potentially allowing attackers to trigger a denial of service. Affected products include specific versions of eCNS280_TD and eSE620X. Users are encouraged to implement available patches to mitigate risks associated with this vulnerability.",Huawei,Ecns280 Td;ese620x Vess,6.5,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2021-11-29T15:34:09.000Z,0
CVE-2021-37036,https://securityvulnerability.io/vulnerability/CVE-2021-37036,Information Leak Vulnerability in FusionCompute and eCNS280_TD Products by Huawei,"An information leakage vulnerability exists in FusionCompute 6.5.1 and specific versions of eCNS280_TD due to the improper storage of sensitive information in log files. This flaw can be exploited by attackers to retrieve confidential user data during the device login process, potentially leading to unauthorized information access.",Huawei,Fusioncompute;ecns280 Td,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-11-23T14:59:57.000Z,0
CVE-2021-22396,https://securityvulnerability.io/vulnerability/CVE-2021-22396,,"There is a privilege escalation vulnerability in some Huawei products. Due to improper privilege management, a local attacker with common privilege may access some specific files in the affected products. Successful exploit will cause privilege escalation.Affected product versions include:eCNS280_TD V100R005C00,V100R005C10;eSE620X vESS V100R001C10SPC200,V100R001C20SPC200.",Huawei,Ecns280 Td;ese620x Vess,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-08-02T16:08:35.000Z,0
CVE-2021-22383,https://securityvulnerability.io/vulnerability/CVE-2021-22383,,"There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 and eSE620X vESS V100R001C10SPC200, V100R001C20SPC200, V200R001C00SPC300. The vulnerability is due to a message-handling function that contains an out-of-bounds read vulnerability. An attacker can exploit this vulnerability by sending a specific message to the target device, which could cause a Denial of Service (DoS).",Huawei,Ecns280 Td;ese620x Vess,4.9,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2021-06-22T18:59:03.000Z,0
CVE-2021-22363,https://securityvulnerability.io/vulnerability/CVE-2021-22363,,"There is a resource management error vulnerability in eCNS280_TD V100R005C10SPC650. An attacker needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices.",Huawei,Ecns280 Td,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-06-22T18:49:33.000Z,0
CVE-2021-22378,https://securityvulnerability.io/vulnerability/CVE-2021-22378,,There is a race condition vulnerability in eCNS280_TD V100R005C00 and V100R005C10. There is a timing window exists in which the database can be operated by another thread that is operating concurrently. Successful exploit may cause the affected device abnormal.,Huawei,Ecns280 Td,5.3,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2021-06-22T18:32:08.000Z,0
CVE-2021-22300,https://securityvulnerability.io/vulnerability/CVE-2021-22300,,There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A command does not have timeout exit mechanism. Temporary file contains sensitive information. This allows attackers to obtain information by inter-process access that requires other methods.,Huawei,Ecns280 Td,4.1,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-02-06T00:38:25.000Z,0