237 matches found
CVE-2022-44551
The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability.
CVE-2022-41583
The storage maintenance and debugging module has an array out-of-bounds read vulnerability.Successful exploitation of this vulnerability will cause incorrect statistics of this module.
CVE-2021-40010
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
CVE-2021-40017
The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access.
CVE-2022-31759
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-41596
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components.
CVE-2022-44554
The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device.
CVE-2022-46321
The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-46812
The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity.
CVE-2021-46856
The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-41582
The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability.
CVE-2022-41591
The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.
CVE-2022-44563
There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-39004
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
CVE-2022-39008
The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps.
CVE-2022-44549
The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality.
CVE-2022-44556
Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability.
CVE-2022-46323
Some smartphones have the out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause system service exceptions.
CVE-2021-40040
Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-34735
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
CVE-2022-34738
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
CVE-2022-38991
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-38995
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-39000
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.
CVE-2022-41584
The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.
CVE-2022-44550
The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-46328
Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-34740
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
CVE-2022-41585
The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.
CVE-2022-41599
The system service has a vulnerability that causes incorrect return values. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-46312
The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications.
CVE-2022-46322
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
CVE-2021-37133
There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-40024
Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-40030
The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-38986
The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause out-of-bounds access to the HIPP module and page table tampering, affecting device confidentiality and availability.
CVE-2022-38996
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-38998
The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality.
CVE-2022-39007
The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2022-41587
Uncaptured exceptions in the home screen module. Successful exploitation of this vulnerability may affect stability.
CVE-2022-41595
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-44546
The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. Successful exploitation of this vulnerability may cause a system restart.
CVE-2022-46319
Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write.
CVE-2021-37113
There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-46851
The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback.
CVE-2022-34737
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality.
CVE-2022-39002
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice.
CVE-2022-41576
The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices.
CVE-2022-41578
The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.
CVE-2022-41580
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.