305 matches found
CVE-2022-48314
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-39406
Permission control vulnerability in the XLayout component. Successful exploitation of this vulnerability may cause apps to forcibly restart.
CVE-2023-41299
DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.
CVE-2023-44108
Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart.
CVE-2023-52538
Vulnerability of package name verification being bypassed in the HwIms module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-52545
Vulnerability of undefined permissions in the Calendar app.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-36501
Memory management vulnerability in the boottime moduleImpact: Successful exploitation of this vulnerability can affect integrity.
CVE-2024-42031
Access permission verification vulnerability in the Settings module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-46766
Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.
CVE-2023-52543
Permission verification vulnerability in the system module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-52549
Vulnerability of data verification errors in the kernel module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54097
Security vulnerability in the HiView moduleImpact: Successful exploitation of this vulnerability may affect feature implementation and integrity.
CVE-2022-48349
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability.
CVE-2022-48361
The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitation of this vulnerability may cause a failure in reading AOD theme resources.
CVE-2022-48613
Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed.
CVE-2023-0116
The reminder module lacks an authentication mechanism for broadcasts received. Successful exploitation of this vulnerability may affect availability.
CVE-2023-34156
Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful exploitation of this vulnerability may cause services to be denied.
CVE-2023-39385
Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access.
CVE-2023-44093
Vulnerability of package names' public keys not being verified in the security module.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-52537
Vulnerability of package name verification being bypassed in the HwIms module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-52554
Permission control vulnerability in the Bluetooth module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-52713
Vulnerability of improper permission control in the window management module.Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2023-52714
Vulnerability of defects introduced in the design process in the hwnff module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-27896
Input verification vulnerability in the log module.Impact: Successful exploitation of this vulnerability can affect integrity.
CVE-2024-30413
Vulnerability of improper permission control in the window management module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2022-48357
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the kernel.
CVE-2022-48359
The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-1693
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-26547
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2023-52550
Vulnerability of data verification errors in the kernel module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-30414
Command injection vulnerability in the AccountManager module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-36499
Vulnerability of unauthorized screenshot capturing in the WMS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54101
Denial of service (DoS) vulnerability in the installation moduleImpact: Successful exploitation of this vulnerability will affect availability.
CVE-2022-48496
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized.
CVE-2023-39405
Vulnerability of out-of-bounds parameter read/write in the Wi-Fi module. Successful exploitation of this vulnerability may cause other apps to be executed with escalated privileges.
CVE-2023-41303
Command injection vulnerability in the distributed file system module. Successful exploitation of this vulnerability may cause variables in the sock structure to be modified.
CVE-2023-44104
Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-44118
Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2023-52539
Permission verification vulnerability in the Settings module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-52540
Vulnerability of improper authentication in the Iaware module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-52542
Permission verification vulnerability in the system module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-30417
Path traversal vulnerability in the Bluetooth-based sharing module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2022-48291
The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-1692
The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-39387
Vulnerability of permission control in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.
CVE-2023-41295
Vulnerability of improper permission management in the displayengine module. Successful exploitation of this vulnerability may cause the screen to turn dim.
CVE-2023-41302
Redirection permission verification vulnerability in the home screen module. Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-41305
Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS message module. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-44110
Out-of-bounds access vulnerability in the audio module.Successful exploitation of this vulnerability may affect availability.
CVE-2023-44111
Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service confidentiality.