cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-1824,https://securityvulnerability.io/vulnerability/CVE-2020-1824,Out of Bounds Read Vulnerabilities in Huawei's Common Open Policy Service Protocol,"Multiple out of bounds read vulnerabilities exist in the Common Open Policy Service (COPS) protocol implemented in certain Huawei products. These vulnerabilities arise during the processing of incoming data packets in the decoding function, where an out-of-bounds read may occur. If successfully exploited, these vulnerabilities could lead to service disruption on the affected devices. This affects a range of products utilizing the COPS protocol, underscoring the need for timely updates and mitigative measures to safeguard against potential security threats.",Huawei,"Ips Module,Ngfw Module,Nip6300,Nip6600,Nip6800,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Usg6000v",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2024-12-28T06:37:14.149Z,0
CVE-2020-1823,https://securityvulnerability.io/vulnerability/CVE-2020-1823,Out of Bounds Read Vulnerabilities in Huawei COPS Implementation,"The vulnerabilities present in the implementation of the Common Open Policy Service (COPS) protocol in specific Huawei products allow for multiple out of bounds (OOB) read conditions. These occur when the decoding function processes incoming data packets, potentially leading to unauthorized access to sensitive information or disruption of service on the affected device. Various Huawei products including routers, switches, and firewalls are affected, highlighting the significance of monitoring and mitigating such security risks to maintain device integrity and operational continuity.",Huawei,"Ips Module,Ngfw Module,Nip6300,Nip6600,Nip6800,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Usg6000v",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2024-12-28T06:29:49.051Z,0
CVE-2020-1822,https://securityvulnerability.io/vulnerability/CVE-2020-1822,Out of Bounds Read Vulnerabilities in Huawei's COPS Implementation,"Multiple out of bounds read vulnerabilities exist in the implementation of the Common Open Policy Service (COPS) protocol within various Huawei networking products. These vulnerabilities may arise during the processing of incoming data packets in the specific decoding function. Exploitation of these vulnerabilities could lead to unintended behavior, potentially disrupting service operations on the affected devices. These vulnerabilities are associated with several identified issues, indicating a broader concern regarding the secure handling of data packets in network devices.",Huawei,"Ips Module,Ngfw Module,Nip6300,Nip6600,Nip6800,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Usg6000v",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2024-12-28T06:21:04.473Z,0
CVE-2020-1821,https://securityvulnerability.io/vulnerability/CVE-2020-1821,Out of Bounds Read Vulnerabilities in Huawei Products,"Multiple out of bounds read vulnerabilities exist in the implementation of the Common Open Policy Service (COPS) protocol in certain Huawei devices. These vulnerabilities arise during the decoding of incoming data packets, which can result in an attacker reading memory that should not be accessible. Exploiting these vulnerabilities successfully can lead to significant service disruption on affected devices, impacting overall network reliability. It is crucial for users and administrators of Huawei devices to apply the necessary security patches to mitigate the risks associated with these vulnerabilities.",Huawei,"Ips Module,Ngfw Module,Nip6300,Nip6600,Nip6800,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Usg6000v",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2024-12-28T06:16:58.770Z,0
CVE-2020-1820,https://securityvulnerability.io/vulnerability/CVE-2020-1820,Out of Bounds Read Vulnerabilities in Huawei Common Open Policy Service Protocol,"Multiple out of bounds read vulnerabilities have been identified within the implementation of the Common Open Policy Service (COPS) protocol in certain Huawei products. These vulnerabilities arise due to improper handling of incoming data packets, which can lead to disruptions in service. When the decoding function processes data, it may read beyond allocated boundaries, creating potential avenues for exploitation. Successful execution of such exploits could result in service interruption on affected devices, impacting network stability and performance. The vulnerabilities are associated with multiple vulnerability IDs, underscoring the need for organizations utilizing these devices to assess their exposure and apply necessary patches as outlined in Huawei's advisory.",Huawei,"Ips Module,Ngfw Module,Nip6300,Nip6600,Nip6800,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Usg6000v",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2024-12-28T06:11:17.446Z,0
CVE-2020-1819,https://securityvulnerability.io/vulnerability/CVE-2020-1819,Out-of-Bounds Read Vulnerabilities in Huawei Products' COPS Implementation,"Huawei products experience a set of out-of-bounds read vulnerabilities within the implementation of the Common Open Policy Service (COPS) protocol. These vulnerabilities may be triggered during the processing of incoming data packets by the specific decoding function, leading to potential service disruptions on affected devices. Individuals and organizations using Huawei products should be aware of these issues and take necessary precautions to safeguard their systems.",Huawei,"Ips Module,Ngfw Module,Nip6300,Nip6600,Nip6800,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Usg6000v",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2024-12-27T10:05:47.224Z,0
CVE-2020-1818,https://securityvulnerability.io/vulnerability/CVE-2020-1818,Out-of-Bounds Read Vulnerabilities in Huawei Common Open Policy Service,"Multiple out-of-bounds read vulnerabilities exist in the implementation of the Common Open Policy Service (COPS) protocol found in various Huawei products. When processing incoming data packets, the specific decoding function may allow for out-of-bounds reads, leading to potential service disruptions on affected devices. Successful exploitation of these vulnerabilities can result in serious operational issues, making it crucial for users of the impacted Huawei network devices to apply appropriate security measures promptly. Huawei has designated several identification numbers for these vulnerabilities, which highlights the urgency of the situation.",Huawei,"Ips Module,Ngfw Module,Nip6300,Nip6600,Nip6800,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Usg6000v",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,false,,2024-12-27T10:02:45.710Z,0
CVE-2021-22356,https://securityvulnerability.io/vulnerability/CVE-2021-22356,Weak Secure Algorithm in Huawei Products Exposes Information Leaks,"Huawei products suffer from a vulnerability due to the use of a weak secure algorithm in specific modules. This vulnerability allows attackers to exploit the communication messages exchanged between devices. By capturing and analyzing these messages, they can potentially access confidential information, leading to serious information leaks. The affected products encompass a wide range of IPS, NGFW, and Secospace USG modules across different versions, highlighting the need for immediate mitigation measures.",Huawei,Ips Module;ngfw Module;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg9500,5.9,MEDIUM,0.0016799999866634607,false,,false,false,false,,,false,false,,2021-11-23T15:05:21.000Z,0
CVE-2021-22341,https://securityvulnerability.io/vulnerability/CVE-2021-22341,,"There is a memory leak vulnerability in Huawei products. A resource management weakness exists in a module. Attackers with high privilege can exploit this vulnerability by performing some operations. This can lead to memory leak. Affected product versions include:IPS Module V500R005C00SPC100,V500R005C00SPC200;NGFW Module V500R005C00SPC100,V500R005C00SPC200;NIP6300 V500R005C00SPC100,V500R005C10SPC200;NIP6600 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 V500R005C00SPC100,V500R005C10SPC200;Secospace USG6600 V500R005C00SPC100,V500R005C00SPC200.",Huawei,Ips Module;ngfw Module;nip6300;nip6600;secospace Usg6300;secospace Usg6500;secospace Usg6600,4.9,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2021-06-29T19:22:23.000Z,0
CVE-2021-22411,https://securityvulnerability.io/vulnerability/CVE-2021-22411,,"There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise the normal service of the module.Affected product versions include: NGFW Module versions V500R005C00SPC100,V500R005C00SPC200;Secospace USG6300 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;Secospace USG6500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200;USG9500 versions V500R001C60SPC500,V500R005C00SPC100,V500R005C00SPC200.",Huawei,Ngfw Module;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg9500,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2021-05-27T12:12:55.000Z,0
CVE-2021-22312,https://securityvulnerability.io/vulnerability/CVE-2021-22312,,"There is a memory leak vulnerability in some Huawei products. An authenticated remote attacker may exploit this vulnerability by sending specific message to the affected product. Due to not release the allocated memory properly, successful exploit may cause some service abnormal. Affected product include some versions of IPS Module, NGFW Module, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.",Huawei,Ips Module;ngfw Module;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg9500,6.5,MEDIUM,0.001230000052601099,false,,false,false,false,,,false,false,,2021-04-08T18:18:36.000Z,0
CVE-2021-22321,https://securityvulnerability.io/vulnerability/CVE-2021-22321,,"There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.",Huawei,Nip6600;nip6800;s12700;s1700;s2700;s5700;s6700;s7700;s9700;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg9500,5.3,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2021-03-22T19:03:52.000Z,0
CVE-2021-22320,https://securityvulnerability.io/vulnerability/CVE-2021-22320,,"There is a denial of service vulnerability in Huawei products. A module cannot deal with specific messages correctly. Attackers can exploit this vulnerability by sending malicious messages to an affected module. This can lead to denial of service. Affected product include some versions of IPS Module, NGFW Module, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500 and Secospace USG6600.",Huawei,Ips Module;ngfw Module;nip6600;nip6800;secospace Usg6300;secospace Usg6500;secospace Usg6600,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-03-22T18:41:58.000Z,0
CVE-2021-22310,https://securityvulnerability.io/vulnerability/CVE-2021-22310,,"There is an information leakage vulnerability in some huawei products. Due to the properly storage of specific information in the log file, the attacker can obtain the information when a user logs in to the device. Successful exploit may cause an information leak. Affected product versions include: NIP6300 versions V500R001C00,V500R001C20,V500R001C30;NIP6600 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6300 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6500 versions V500R001C00,V500R001C20,V500R001C30;Secospace USG6600 versions V500R001C00,V500R001C20,V500R001C30,V500R001C50,V500R001C60,V500R001C80;USG9500 versions V500R005C00,V500R005C10.",Huawei,Nip6300;nip6600;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg9500,4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-03-22T18:38:09.000Z,0
CVE-2020-9213,https://securityvulnerability.io/vulnerability/CVE-2020-9213,,"There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft many specific packets. Successful exploit may cause some services to be abnormal. Affected products include some versions of NGFW Module, NIP6300, NIP6600, NIP6800, Secospace USG6300, Secospace USG6500, Secospace USG6600 and SG9500.",Huawei,Ngfw Module;nip6300;nip6600;nip6800;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg9500,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-03-22T17:39:26.000Z,0
CVE-2020-1847,https://securityvulnerability.io/vulnerability/CVE-2020-1847,,"There is a denial of service vulnerability in some Huawei products. There is no protection against the attack scenario of specific protocol. A remote, unauthorized attackers can construct attack scenarios, which leads to denial of service.Affected product versions include:NIP6300 versions V500R001C30,V500R001C60;NIP6600 versions V500R001C30,V500R001C60;Secospace USG6300 versions V500R001C30,V500R001C60;Secospace USG6500 versions V500R001C30,V500R001C60;Secospace USG6600 versions V500R001C30,V500R001C60;USG9500 versions V500R001C30,V500R001C60.",Huawei,Nip6300;nip6600;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg9500,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2020-11-13T14:50:23.000Z,0
CVE-2020-9127,https://securityvulnerability.io/vulnerability/CVE-2020-9127,,"Some Huawei products have a command injection vulnerability. Due to insufficient input validation, an attacker with high privilege may inject some malicious codes in some files of the affected products. Successful exploit may cause command injection.Affected product versions include:NIP6300 versions V500R001C30,V500R001C60;NIP6600 versions V500R001C30,V500R001C60;Secospace USG6300 versions V500R001C30,V500R001C60;Secospace USG6500 versions V500R001C30,V500R001C60;Secospace USG6600 versions V500R001C30,V500R001C60;USG9500 versions V500R001C30,V500R001C60.",Huawei,Nip6300;nip6600;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg9500,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-11-13T14:46:52.000Z,0
CVE-2020-9101,https://securityvulnerability.io/vulnerability/CVE-2020-9101,,"There is an out-of-bounds write vulnerability in some products. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. Affected product versions include: IPS Module versions V500R005C00, V500R005C10; NGFW Module versions V500R005C00, V500R005C10; Secospace USG6300 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10; Secospace USG6500 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10; Secospace USG6600 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10; USG9500 versions V500R001C30, V500R001C60, V500R005C00, V500R005C10",Huawei,"Ips Module,Ngfw Module,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Usg9500",6.5,MEDIUM,0.0006200000061653554,false,,false,false,false,,,false,false,,2020-07-18T01:16:00.000Z,0
CVE-2019-19415,https://securityvulnerability.io/vulnerability/CVE-2019-19415,,"The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.",Huawei,"Ar120-s,Ar1200,Ar1200-s,Ar150,Ar150-s,Ar160,Ar200,Ar200-s,Ar2200,Ar2200-s,Ar3200,Ar3600,Ar510,Dp300,Ips Module,Ngfw Module,Nip6300,Nip6600,Nip6800,Netengine16ex,Rse6500,Smc2.0,Srg1300,Srg2300,Srg3300,Svn5600,Svn5800,Svn5800-c,Semg9811,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Softco,Te30,Te40,Te50,Te60,Tp3206,Usg9500,Usg9520,Usg9560,Vp9660,VieWPoint 8660,VieWPoint 9030,Espace U1910,Espace U1911,Espace U1930,Espace U1960,Espace U1980,Espace U1981",7.5,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2020-07-08T16:58:31.000Z,0
CVE-2019-19416,https://securityvulnerability.io/vulnerability/CVE-2019-19416,,"The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.",Huawei,"Ar120-s,Ar1200,Ar1200-s,Ar150,Ar150-s,Ar160,Ar200,Ar200-s,Ar2200,Ar2200-s,Ar3200,Ar3600,Ar510,Dp300,Ips Module,Ngfw Module,Nip6300,Nip6600,Nip6800,Netengine16ex,Rse6500,Smc2.0,Srg1300,Srg2300,Srg3300,Svn5600,Svn5800,Svn5800-c,Semg9811,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Softco,Te30,Te40,Te50,Te60,Tp3206,Usg9500,Usg9520,Usg9560,Vp9660,VieWPoint 8660,VieWPoint 9030,Espace U1910,Espace U1911,Espace U1930,Espace U1960,Espace U1980,Espace U1981",7.5,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2020-07-08T16:55:48.000Z,0
CVE-2019-19417,https://securityvulnerability.io/vulnerability/CVE-2019-19417,,"The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the attacker to cause buffer overflow and dead loop, leading to DoS condition. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-sip-en.",Huawei,"Ar120-s,Ar1200,Ar1200-s,Ar150,Ar150-s,Ar160,Ar200,Ar200-s,Ar2200,Ar2200-s,Ar3200,Ar3600,Ar510,Dp300,Ips Module,Ngfw Module,Nip6300,Nip6600,Nip6800,Netengine16ex,Rse6500,Smc2.0,Srg1300,Srg2300,Srg3300,Svn5600,Svn5800,Svn5800-c,Semg9811,Secospace Usg6300,Secospace Usg6500,Secospace Usg6600,Softco,Te30,Te40,Te50,Te60,Tp3206,Usg9500,Usg9520,Usg9560,Vp9660,VieWPoint 8660,VieWPoint 9030,Espace U1910,Espace U1911,Espace U1930,Espace U1960,Espace U1980,Espace U1981",7.5,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2020-07-08T16:53:05.000Z,0
CVE-2020-9075,https://securityvulnerability.io/vulnerability/CVE-2020-9075,,"Huawei products Secospace USG6300;USG6300E with versions of V500R001C30,V500R001C50,V500R001C60,V500R001C80,V500R005C00,V500R005C10;V600R006C00 have a vulnerability of insufficient input verification. An attacker with limited privilege can exploit this vulnerability to access a specific directory. Successful exploitation of this vulnerability may lead to information leakage.",Huawei,Secospace Usg6300;usg6300e,6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2020-06-15T14:56:27.000Z,0
CVE-2020-9099,https://securityvulnerability.io/vulnerability/CVE-2020-9099,,Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6600; USG9500 with versions of V500R001C00; V500R001C20; V500R001C30; V500R001C50; V500R001C60; V500R001C80; V500R005C00; V500R005C10; V500R005C20; V500R002C00; V500R002C10; V500R002C20; V500R002C30 have an improper authentication vulnerability. Attackers need to perform some operations to exploit the vulnerability. Successful exploit may obtain certain permissions on the device.,Huawei,Ips Module; Ngfw Module; Nip6300; Nip6600; Nip6800; Secospace Usg6300; Secospace Usg6500; Secospace Usg6600; Usg9500,9.8,CRITICAL,0.0030900000128895044,false,,false,false,false,,,false,false,,2020-06-08T13:55:12.000Z,0
CVE-2019-5304,https://securityvulnerability.io/vulnerability/CVE-2019-5304,,"Some Huawei products have a buffer error vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.",Huawei,Ar120-s;ar1200;ar1200-s;ar150;ar150-s;ar160;ar200;ar200-s;ar2200;ar2200-s;ar3200;ar3600;ips Module;ngfw Module;nip6300;nip6600;netengine16ex;s5700;s6700;srg1300;srg2300;srg3300;secospace Antiddos8000;secospace Usg6300;secospace Usg6500;secospace Usg6600,7.5,HIGH,0.0017900000093504786,false,,false,false,false,,,false,false,,2020-01-03T14:33:41.000Z,0
CVE-2019-5254,https://securityvulnerability.io/vulnerability/CVE-2019-5254,,"Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board may send crafted messages from the internal network port or tamper with inter-process message packets to exploit this vulnerability. Due to insufficient validation of the message, successful exploit may cause the affected board to be abnormal.",Huawei,Ap2000;ips Module;ngfw Module;nip6300;nip6600;nip6800;s5700;svn5600;svn5800;svn5800-c;semg9811;secospace Antiddos8000;secospace Usg6300;secospace Usg6500;secospace Usg6600;usg6000v;espace U1981,8.6,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2019-12-13T22:51:29.000Z,0