230 matches found
CVE-2022-41580
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
CVE-2022-41601
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-44558
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2022-44559
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2022-46320
The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting.
CVE-2022-46761
The system has a vulnerability that may cause dynamic hiding and restoring of app icons.Successful exploitation of this vulnerability may cause malicious hiding of app icons.
CVE-2022-48302
The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48494
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized.
CVE-2023-39391
Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-41300
Vulnerability of parameters not being strictly verified in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.
CVE-2023-46758
Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.
CVE-2023-46772
Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data.
CVE-2021-22374
There is an Improper Validation of Array Index Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause stability risks.
CVE-2022-39001
The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.
CVE-2022-46318
The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings.
CVE-2023-39383
Vulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps' data security.
CVE-2023-39401
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
CVE-2021-22313
There is a Security Function vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality.
CVE-2022-37004
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.
CVE-2022-37008
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.
CVE-2022-41586
The communication framework module has a vulnerability of not truncating data properly.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-41594
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-41603
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-48293
The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48294
The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48346
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-34163
Permission control vulnerability in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-39409
DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.
CVE-2023-44098
Vulnerability of missing encryption in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2022-34741
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
CVE-2022-38983
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.
CVE-2022-41588
The home screen module has a vulnerability in service logic processing.Successful exploitation of this vulnerability may affect data integrity.
CVE-2022-41600
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-44555
The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.
CVE-2022-44562
The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2023-26549
The SystemUI module has a vulnerability of repeated app restart due to improper parameters. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-34167
Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled.
CVE-2023-39382
Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart.
CVE-2023-39395
Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability.
CVE-2023-44105
Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-46763
Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously.
CVE-2021-22371
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37043
There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources.
CVE-2021-37119
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
CVE-2021-39996
There is a Heap-based buffer overflow vulnerability with the NFC module in smartphones. Successful exploitation of this vulnerability may cause memory overflow.
CVE-2021-46839
The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
CVE-2022-39005
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
CVE-2022-44557
The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48286
The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48287
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data integrity.