237 matches found
CVE-2022-22255
The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability.
CVE-2021-40056
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
CVE-2022-29793
There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability.
CVE-2021-40063
There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-29789
The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services.
CVE-2022-31755
The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.
CVE-2021-40050
There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow.
CVE-2022-31753
The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability.
CVE-2021-40065
The communication module has a service logic error vulnerability.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-31760
Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
CVE-2022-31762
The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2021-22437
There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access.
CVE-2021-46786
The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access.
CVE-2021-46788
Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations.
CVE-2022-29794
The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality.
CVE-2021-40016
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect confidentiality.
CVE-2021-40062
There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability.
CVE-2021-46814
The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability.
CVE-2021-46785
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
CVE-2021-46789
Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability.
CVE-2022-37007
The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.
CVE-2021-40013
Improper permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability will affect integrity.
CVE-2022-22252
The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability.
CVE-2022-29792
The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-29795
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
CVE-2022-34743
The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-31754
Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features.
CVE-2022-31756
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-31758
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-31761
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.
CVE-2022-34736
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
CVE-2021-46741
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
CVE-2022-29790
The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions.
CVE-2022-44547
The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability.
CVE-2022-22254
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-29791
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
CVE-2021-40012
Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2021-46811
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.
CVE-2022-31752
Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality.
CVE-2022-31763
The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-34742
The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-37002
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
CVE-2022-37006
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability.
CVE-2022-46317
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-31751
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-39006
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.
CVE-2022-46324
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
CVE-2022-46326
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
CVE-2022-38999
The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.
CVE-2022-44548
There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing.