Lucene search
K

811 matches found

CVE
CVE
added 2024/02/18 3:39 a.m.7061 views

CVE-2023-52369

CVE-2023-52369 is a stack overflow vulnerability in the NFC module with a reported impact on availability and integrity. NVD records a CVSS v3.1 base score of 9.1 (CRITICAL) with network access, low complexity, no privileges required, and no user interaction, affecting the NFC-related component a...

9.1CVSS7AI score0.00418EPSS
CVE
CVE
added 2024/02/18 3:2 a.m.7054 views

CVE-2023-52363

CVE-2023-52363 describes a defect introduced in the design process in the Control Panel module with potential to cause app processes to start by mistake. Public sources reference Huawei HarmonyOS/EMUI context and generic design-phase vulnerability impact. The available documents do not provide co...

6.3CVSS6.6AI score0.00217EPSS
CVE
CVE
added 2024/02/18 2:52 a.m.7022 views

CVE-2023-52387

The CVE-2023-52387 entry describes a Resource Reuse vulnerability in the GPU module that can affect confidentiality. Connected CNVD/CNNVD and related records map this issue to Huawei EMUI and Huawei HarmonyOS (mobile OSes) with a resource reuse flaw in the GPU component. The NVD/NVD-derived metri...

7.5CVSS6.8AI score0.00337EPSS
CVE
CVE
added 2024/02/18 3:4 a.m.7015 views

CVE-2023-52365

CVE-2023-52365 is an out-of-bounds read vulnerability in the smart activity recognition module, reported across Huawei EMUI and Huawei HarmonyOS. The root cause is an out-of-bounds read that can cause features to behave abnormally. Public technical details are limited in the provided documents, b...

7.7CVSS6.6AI score0.0027EPSS
CVE
CVE
added 2024/02/18 3:52 a.m.6992 views

CVE-2023-52373

Summary of CVE-2023-52373 : A permission verification flaw in the Huawei HarmonyOS/EMUI share box module's content sharing pop-up allows unauthorized file sharing. The vulnerability is described across multiple sources (NVD, Red Hat CVE page, CNVD/CNNVD entries) with a high impact on confidential...

7.5CVSS6.7AI score0.00319EPSS
CVE
CVE
added 2024/02/18 6:5 a.m.6992 views

CVE-2023-52375

CVE-2023-52375 concerns Huawei HarmonyOS/EMUI’s WMS (WindowManagerService) module. Connected sources describe a privilege control vulnerability in the WMS, which can affect usability and, per the NVD entry, may impact availability. The CVE’s description notes a permission control issue in WindowM...

7.5CVSS6.8AI score0.0023EPSS
CVE
CVE
added 2024/02/18 3:42 a.m.6932 views

CVE-2023-52371

CVE-2023-52371 corresponds to a vulnerability with null references in the motor module, affecting Huawei HarmonyOS and Huawei EMUI. The impact is an availability impact as described in multiple sources. The root cause is a null pointer/reference in the motor module. Affected products include Harm...

3.5CVSS6.7AI score0.0017EPSS
CVE
CVE
added 2024/02/18 6:7 a.m.6675 views

CVE-2023-52377

CVE-2023-52377 affects Huawei EMUI (cellular data module). The vulnerability arises from input data not being verified, potentially enabling out-of-bounds access. Reported CVSS v3.1 base score is 7.4 (HIGH) with network attack vector, high impact on confidentiality and availability, and no user i...

7.4CVSS6.7AI score0.00367EPSS
CVE
CVE
added 2024/02/18 4:4 a.m.6573 views

CVE-2023-52374

CVE-2023-52374 is tied to Huawei HarmonyOS and EMUI, involving a privilege-control vulnerability in the package management module. The CNVD/CNNVD entries describe an access control flaw that could allow an attacker to compromise confidentiality within the package management subsystem. No explicit...

7.5CVSS6.8AI score0.00319EPSS
CVE
CVE
added 2024/02/18 2:57 a.m.6495 views

CVE-2023-52358

CVE-2023-52358 concerns a configuration flaw in Huawei HarmonyOS/EMUI audio module APIs that can be exploited to cause a denial of service, impacting availability. The vulnerability is tied to the audio subsystem in HarmonyOS and EMUI, with the root cause described as a configuration defect in th...

6.2CVSS6.7AI score0.00126EPSS
CVE
CVE
added 2024/02/18 2:54 a.m.6372 views

CVE-2023-52097

CVE-2023-52097 is linked to Huawei EMUI and Huawei HarmonyOS. The connected CNVD entry describes a vulnerability that allows bypassing the foreground service restriction, with impact to system confidentiality. The CVE entry itself notes a foreground-service–restrictions bypass in the NMS module a...

7.5CVSS6.7AI score0.0034EPSS
CVE
CVE
added 2024/02/18 6:13 a.m.6263 views

CVE-2023-52381

The CVE-2023-52381 entry corresponds to a script injection vulnerability in Huawei HarmonyOS/EMUI mail module. The CNVD CNVD-2024-31083 document confirms an in-component script injection that can allow an attacker to execute arbitrary code on affected systems. The NVD/NVD-derived description simi...

9.8CVSS7.1AI score0.00446EPSS
CVE
CVE
added 2024/02/18 6:11 a.m.6145 views

CVE-2023-52380

CVE-2023-52380 is an improper access control vulnerability affecting the Huawei HarmonyOS/EMUI mail module. The root cause is insufficient access controls in the mail component, potentially allowing information disclosure. Public documents enumerate HarmonyOS/EMUI mail as affected, with no explic...

4.3CVSS6.7AI score0.00257EPSS
CVE
CVE
added 2024/02/18 6:9 a.m.6131 views

CVE-2023-52378

CVE-2023-52378 relates to Huawei HarmonyOS/EMUI WMS (WindowManagerServices) with an incorrect service logic root cause in the WMS module. The connected CNVD/CNNVD entries describe a privilege control type vulnerability and a business logic error that can lead to usability issues or functional exc...

9.8CVSS6.7AI score0.00458EPSS
CVE
CVE
added 2024/02/18 3:38 a.m.5820 views

CVE-2023-52368

CVE-2023-52368 is linked to Huawei HarmonyOS/EMUI via CNVD/CNNVD references. The vulnerability is described as an input verification flaw in the Accounts module that can cause features to behave abnormally and, per CNVD, may lead to a denial-of-service condition. The NVD entry lists a network-bas...

5.3CVSS6.7AI score0.00255EPSS
CVE
CVE
added 2024/02/18 3:51 a.m.4620 views

CVE-2023-52372

CVE-2023-52372 affects Huawei HarmonyOS (including EMUI) with a vulnerability in the motor module’s input parameter verification that can cause a denial of service and affect availability. The CNVD entry corroborates a DoS impact linked to HarmonyOS/EMUI, and the NVD/NVD-derived description also ...

7.5CVSS6.7AI score0.00379EPSS
CVE
CVE
added 2024/02/18 3:0 a.m.4619 views

CVE-2023-52362

Technical details about CVE-2023-52362 are not publicly provided in the supplied documents. Monitor for updates from vendors (Huawei/Red Hat/CNVD) for affected products, versions, root cause specifics, and patches.

7.5CVSS6.8AI score0.00353EPSS
CVE
CVE
added 2024/02/18 6:6 a.m.4448 views

CVE-2023-52376

Technical details about CVE-2023-52376 are not publicly provided in the supplied connected documents. Monitor for updates from vendors and security trackers for affected products, scope, and remediation.

7.5CVSS6.7AI score0.00337EPSS
CVE
CVE
added 2024/02/18 3:27 a.m.4434 views

CVE-2023-52366

CVE-2023-52366 describes an out-of-bounds read vulnerability in the smart activity recognition module, potentially causing features to behave abnormally. Public details come from multiple sources (NVD, Red Hat, CVE records, CNNVD) and indicate the issue affects Huawei/EMUI-type Android-based envi...

7.5CVSS6.6AI score0.00379EPSS
CVE
CVE
added 2024/02/18 2:58 a.m.3951 views

CVE-2023-52360

CVE-2023-52360 is a Huawei HarmonyOS baseband logic vulnerability with a network-facing attack surface that can compromise service integrity. The CVSS=7.5 (HIGH) reflects potential high impact to integrity while confidentiality/availability remain unaffected per the provided metrics. Several conn...

7.5CVSS6.9AI score0.00293EPSS
CVE
CVE
added 2024/02/18 3:41 a.m.3950 views

CVE-2023-52370

CVE-2023-52370 is a stack overflow vulnerability in the network acceleration module that can lead to unauthorized file access. The NVD entry assigns a CVSS v3.1 base score of 9.8 (CRITICAL) with network attack vector, low attack complexity, no privileges or user interaction required, and impacts ...

9.8CVSS7AI score0.00456EPSS
CVE
CVE
added 2023/09/25 12:8 p.m.2513 views

CVE-2023-41301

CVE-2023-41301 describes a vulnerability in the PMS module enabling unauthorized API access, with exploitation potentially causing features to behave abnormally. The NVD entry lists a CVSS v3.1 base score of 7.5 (HIGH), with network attack vector, no privileges required, no user interaction, and ...

7.5CVSS7.4AI score0.0035EPSS
CVE
CVE
added 2023/08/13 12:26 p.m.2511 views

CVE-2023-39394

CVE-2023-39394 describes an API privilege-escalation vulnerability in Huawei HarmonyOS’s wifienhance module. According to the NVD entry, successful exploitation could allow modification of the ARP list, implying impact to ARP cache integrity (high with I:H, network attack vector, no user interact...

7.5CVSS7.6AI score0.00293EPSS
CVE
CVE
added 2023/08/13 12:24 p.m.2505 views

CVE-2023-39390

CVE-2023-39390 affects Huawei HarmonyOS, specifically the window management module. The vulnerability arises from input parameter verification weaknesses in certain APIs, which, if exploited over the network, could cause the device to restart (CVSS 7.5, HIGH; AV:N, AC:L, PR:N, UI:N, S:U, C:N, I:N...

7.5CVSS7.3AI score0.00379EPSS
CVE
CVE
added 2023/08/13 12:41 p.m.2499 views

CVE-2023-39404

CVE-2023-39404 concerns Huawei HarmonyOS and is tied to the window management module. The vulnerability stems from insufficient input parameter verification in certain APIs, which can be exploited to cause a device reboot (DoS). Public exploitation details are not provided in the supplied documen...

7.5CVSS7.3AI score0.00379EPSS
CVE
CVE
added 2023/07/06 12:26 p.m.2495 views

CVE-2023-37238

The CVE-2023-37238 entry concerns Huawei HarmonyOS. Affected component: wireless projection module (and related screen casting interfaces). Root cause: incomplete verification of apps’ permission to access a specific API, enabling insufficient permission checks. Impact: exploitation could affect ...

5.3CVSS5.1AI score0.00296EPSS
CVE
CVE
added 2023/07/06 12:30 p.m.2483 views

CVE-2023-37241

CVE-2023-37241 is an input verification vulnerability in the WMS API. Exploitation could cause the affected device to restart. The available connected sources confirm the issue and its impact but do not provide concrete exploit details, affected versions, or a validated fix/update. No remediation...

7.5CVSS7.4AI score0.00447EPSS
CVE
CVE
added 2024/02/18 3:32 a.m.2392 views

CVE-2023-52367

CVE-2023-52367 describes an improper access control vulnerability in the media library module, observed in Huawei HarmonyOS and EMUI. The root cause is access-control failure, with CVSS 3.1 indicating a local exploit could enable high-impact outcomes to integrity and availability, and no privileg...

7.7CVSS6.7AI score0.00119EPSS
CVE
CVE
added 2022/06/13 3:5 p.m.501 views

CVE-2022-31757

Technical details, affected products, and remediation are not publicly provided in the supplied documents. Monitor updates from Red Hat, NVD, and other sources for concrete impact and fixes.

7.5CVSS7.5AI score0.0062EPSS
CVE
CVE
added 2023/04/16 6:1 a.m.237 views

CVE-2022-48312

The CVE-2022-48312 entry concerns the HwPCAssistant module in Huawei/HarmonyOS, described as an out-of-bounds read/write vulnerability that may compromise confidentiality and integrity. The connected records identify the affected component (HwPCAssistant) and the underlying issue (out-of-bounds a...

9.1CVSS9.1AI score0.00398EPSS
CVE
CVE
added 2022/04/11 7:38 p.m.147 views

CVE-2022-22253

CVE-2022-22253 affects Huawei HarmonyOS’s DFX module , where an vulnerability stems from improper validation of integrity check values . This can lead to system instability if exploitable. Connected sources (Red Hat, NVD, CNVD, etc.) reiterate the same description without detailing a specific pat...

7.5CVSS7.5AI score0.00292EPSS
CVE
CVE
added 2022/04/11 7:38 p.m.116 views

CVE-2022-22256

CVE-2022-22256 affects Huawei HarmonyOS, specifically the DFX module, which has an access control error. The vulnerability arises from inadequate restriction of resources to unauthorized roles, with potential impact on data confidentiality. Public references in the dataset describe the issue cons...

7.5CVSS7.5AI score0.00692EPSS
CVE
CVE
added 2024/02/18 6:10 a.m.109 views

CVE-2023-52379

CVE-2023-52379 describes a permission-control vulnerability in the calendarProvider module that can affect service confidentiality. The CVE entry indicates a high-severity impact (confidentiality) with network attack vector, no user interaction, no privileges required, and no impact on availabili...

7.5CVSS6.8AI score0.00319EPSS
CVE
CVE
added 2022/02/09 10:3 p.m.107 views

CVE-2021-40045

CVE-2021-40045 concerns Huawei HarmonyOS (Wearables recovery upgrade system) where the signature verification mechanism can fail during system upgrade in recovery mode. The underlying vulnerability is a signature verification failure that can affect confidentiality of service. The NVD entry notes...

5.5CVSS5.5AI score0.00152EPSS
CVE
CVE
added 2022/02/09 10:3 p.m.106 views

CVE-2021-39986

CVE-2021-39986 is associated with Huawei EMUI (EMUI 12.0.0) and a memory access management module on the ACPU, where an unauthorized rewrite vulnerability can affect service confidentiality. CNVD-2022-12802 documents EMUI 12.0.0 as affected. The CVSSv3.1 vector indicates a local, low-effort attac...

5.5CVSS5.5AI score0.00179EPSS
CVE
CVE
added 2022/02/25 6:11 p.m.105 views

CVE-2021-22434

CVE-2021-22434 is described as a memory address out-of-bounds vulnerability in smartphones that can enable malicious code execution. Public records reference Huawei HarmonyOS and Huawei bulletin updates as mitigation, indicating the issue affected HarmonyOS-based devices and was addressed in vend...

9.8CVSS9.3AI score0.00884EPSS
CVE
CVE
added 2022/02/25 6:11 p.m.104 views

CVE-2021-22432

CVE-2021-22432 affects Huawei HarmonyOS smartphones where a vulnerability in permission isolation can lead to out-of-bounds access. Connected sources cite a Huawei HarmonyOS buffer error vulnerability in some products; however, detailed affected versions, vulnerable component specifics, exploit i...

10CVSS9.3AI score0.0088EPSS
CVE
CVE
added 2022/02/09 10:3 p.m.104 views

CVE-2021-37107

CVE-2021-37107 concerns Huawei EMUI/Magic UI with a misconfigured ACPU memory access permissions, leading to potential out-of-bounds access. Affected product family appears to be Huawei EMUI-based Android devices; root cause is improper memory access permission configuration on ACPU. The CVE entr...

5.5CVSS5.5AI score0.00168EPSS
CVE
CVE
added 2022/02/09 10:3 p.m.104 views

CVE-2021-40044

CVE-2021-40044 involves a permission verification vulnerability in the Bluetooth module, with Huawei EMUI as the affected context. The underlying issue is in the Bluetooth permission check, enabling unauthorized operations if exploited. NVD lists CVSSv3.1 base score 8.8 (HIGH) with adjacent attac...

8.8CVSS8.5AI score0.00325EPSS
CVE
CVE
added 2024/02/18 2:56 a.m.103 views

CVE-2023-52357

Huawei HarmonyOS and Huawei EMUI contain a denial-of-service vulnerability in the vibration framework caused by a serialization/deserialization mismatch. The CNVD/CNNVD entries describe an availability impact, with exploitation likely local to the device. The NVD entry reiterates a serialization/...

7.5CVSS6.7AI score0.00292EPSS
CVE
CVE
added 2022/02/09 10:3 p.m.102 views

CVE-2021-37115

Huawei EMUI (Android-based) is affected by CVE-2021-37115 due to an unauthorized rewrite vulnerability in the ACPU memory access management module. Exploitation may lead to information disclosure (confidentiality) of sensitive data. The available documents do not specify affected versions, root c...

5.5CVSS5.5AI score0.00179EPSS
CVE
CVE
added 2022/03/07 1:51 p.m.102 views

CVE-2021-40047

The CVE-2021-40047 entry relates to Huawei EMUI and Magic UI Bastet modules, where a memory is not released after its effective lifetime. The vulnerability affects the Bastet component and may impact integrity if exploited. Exploitation details, affected versions, and a remediation/patch are not ...

7.8CVSS7.5AI score0.006EPSS
CVE
CVE
added 2022/02/25 6:11 p.m.100 views

CVE-2021-22394

CVE-2021-22394 concerns a buffer overflow in HarmonyOS smartphones that may cause DoS of apps during Multi-Screen Collaboration. The Connected documents corroborate a buffer-overflow issue affecting smartphones, but do not provide concrete patched versions, vulnerable component details, exploit s...

9.1CVSS9.3AI score0.0083EPSS
CVE
CVE
added 2022/05/13 3:3 p.m.99 views

CVE-2022-22260

CVE-2022-22260 is a kernel-module use-after-free vulnerability in Huawei/HarmonyOS reported across multiple sources (NVD, RH, CNVD/CNNVD). The issue is exploited via network access with low attack complexity and no authentication, leading to potential data integrity and availability impact (CVSS ...

9.1CVSS9AI score0.0063EPSS
CVE
CVE
added 2022/03/07 1:49 p.m.98 views

CVE-2021-40059

CVE-2021-40059 is linked to Huawei Huawei Emui and Magic UI Wi-Fi modules, with a privilege control vulnerability in the Wi‑Fi component. CNVD-2022-20299 describes a privilege control flaw that could be exploited by attackers to obtain sensitive information from these Wi‑Fi modules, indicating th...

6.5CVSS6.4AI score0.0027EPSS
CVE
CVE
added 2022/02/09 10:3 p.m.97 views

CVE-2021-37109

CVE-2021-37109 describes a security protection bypass in the modem component of Huawei EMUI/Magic UI devices, leading to memory protection failure. Connected sources consistently refer to a modem-related protection bypass with memory protection impact, but do not provide concrete affected version...

7.8CVSS7.6AI score0.00174EPSS
CVE
CVE
added 2022/02/09 10:3 p.m.97 views

CVE-2021-39997

CVE-2021-39997 affects Huawei EMUI 12.0.0. The root cause is lax/input parameter verification in the audio component (audio assembly), leading to out-of-bounds access. Exploitation is described as enabling out-of-bounds access, with CVSS metrics indicating high to critical impact (network attack ...

9.8CVSS9.3AI score0.00796EPSS
CVE
CVE
added 2022/03/07 1:50 p.m.97 views

CVE-2021-40052

The connected CNVD-2022-20292 and CNNVD-202203-984 entries indicate Huawei EMUI and Magic UI are affected by an incorrect buffer size calculation vulnerability in the video framework, described as impacting usability. No specific affected versions are provided in these documents. A PT-2022-11173 ...

7.8CVSS7.6AI score0.00758EPSS
CVE
CVE
added 2022/03/07 1:50 p.m.97 views

CVE-2021-40055

CVE-2021-40055 describes a man-in-the-middle attack vulnerability during system update download in recovery mode that can compromise integrity. Connected records corroborate this as a MITM issue affecting Huawei EMUI and Magic UI (Android-based). The NVD details indicate impact to integrity (I) a...

7.1CVSS5.6AI score0.00506EPSS
CVE
CVE
added 2022/03/07 1:50 p.m.95 views

CVE-2021-40054

CVE-2021-40054 corresponds to an integer underflow in the atcmdserver module reported in Huawei Emui and Magic UI environments (atcmdserver). The vulnerability affects integrity and has a high severity in CVSS terms (network vector, low attack complexity, no privileges required, no user interacti...

7.8CVSS7.5AI score0.00611EPSS
Total number of security vulnerabilities811