Harmonyos Security Vulnerabilities - CVSS Score 9 - 10
There is a buffer overflow vulnerability in smartphones. Successful exploitation of this vulnerability may cause DoS of the apps during Multi-Screen Collaboration.
9.1CVSS
9.3AI Score
0.002EPSS
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
9.8CVSS
9.3AI Score
0.002EPSS
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
9.8CVSS
9.3AI Score
0.002EPSS
There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.
9.8CVSS
9.6AI Score
0.001EPSS
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
9.8CVSS
9.3AI Score
0.002EPSS
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.
9.8CVSS
9.3AI Score
0.002EPSS
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
9.8CVSS
9.3AI Score
0.002EPSS
There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.
9.8CVSS
9.3AI Score
0.002EPSS
The interface of a certain HarmonyOS module has an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to heap memory overflow.
9.8CVSS
9.4AI Score
0.002EPSS
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.
9.1CVSS
9.1AI Score
0.003EPSS
There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause Information Disclosure or Denial of Service.
9.1CVSS
9AI Score
0.002EPSS
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.
9.1CVSS
9.1AI Score
0.003EPSS
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Out-of-bounds read.
9.1CVSS
9.1AI Score
0.003EPSS
There is a Heap-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause root permission which can be escalated.
9.8CVSS
9.4AI Score
0.003EPSS
There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting.
9.8CVSS
9.7AI Score
0.003EPSS
There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed.
9.8CVSS
9.4AI Score
0.002EPSS
There is a Heap-based buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may rewrite the memory of adjacent objects.
9.8CVSS
9.6AI Score
0.002EPSS
There is an Out-of-bounds read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
9.1CVSS
9.1AI Score
0.002EPSS
9.8CVSS
9.3AI Score
0.002EPSS
There is a Improper Validation of Array Index vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to memory overflow and information leakage.
9.1CVSS
9.1AI Score
0.002EPSS
There is a Cryptographic Issues vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to read and delete images of Harmony devices.
9.8CVSS
9.1AI Score
0.002EPSS
There is a Improper Limitation of a Pathname to a Restricted Directory vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to arbitrary file created.
9.1CVSS
9.1AI Score
0.002EPSS
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Confidentiality or Availability impacted.
9.1CVSS
9.2AI Score
0.002EPSS
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete arbitrary file by system_app permission.
9.1CVSS
9.1AI Score
0.001EPSS
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious invoking other functions of the Smart Assistant through text messages.
9.8CVSS
9.3AI Score
0.002EPSS
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can create arbitrary file.
9.1CVSS
9.1AI Score
0.002EPSS
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers can write any content to any file.
9.1CVSS
9.1AI Score
0.002EPSS
There is a Integer Overflow or Wraparound vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote denial of service and potential remote code execution.
9.8CVSS
9.7AI Score
0.006EPSS
There is a Path Traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to delete any file.
9.1CVSS
9.1AI Score
0.001EPSS
PCManager has a Weaknesses Introduced During Design vulnerability .Successful exploitation of this vulnerability may cause that the PIN of the subscriber is changed.
9.1CVSS
9.1AI Score
0.002EPSS
HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.
9.8CVSS
9.4AI Score
0.003EPSS
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may affect HHEE system integrity.
9.8CVSS
9.6AI Score
0.002EPSS
Phone Manager application has a Improper Privilege Management vulnerability.Successful exploitation of this vulnerability may read and write arbitrary files by tampering with Phone Manager notifications.
9.1CVSS
9.1AI Score
0.002EPSS
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.
9.8CVSS
9.4AI Score
0.003EPSS
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.
9.8CVSS
9.6AI Score
0.002EPSS
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
9.8CVSS
9.7AI Score
0.004EPSS
The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access.
9.8CVSS
9.4AI Score
0.002EPSS
The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution.
9.8CVSS
9.6AI Score
0.003EPSS
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
9.8CVSS
9.3AI Score
0.002EPSS
There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.
9.1CVSS
9.1AI Score
0.001EPSS
The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability.
9.1CVSS
9AI Score
0.001EPSS
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
9.8CVSS
9.3AI Score
0.002EPSS
The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
9.1CVSS
9.1AI Score
0.002EPSS
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
9.1CVSS
9.1AI Score
0.002EPSS
The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback.
9.8CVSS
9.2AI Score
0.002EPSS
Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
9.8CVSS
9.2AI Score
0.003EPSS
Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
9.8CVSS
9.2AI Score
0.003EPSS
Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation.
9.8CVSS
9.2AI Score
0.003EPSS
Vulnerability of defects introduced in the design process in the Multi-Device Task Center. Successful exploitation of this vulnerability will cause the hopped app to bypass the app lock and reset the device that initiates the hop.
9.1CVSS
9AI Score
0.001EPSS
The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege.
9.8CVSS
9.1AI Score
0.002EPSS