1050 matches found
CVE-2023-52369
CVE-2023-52369 is a stack overflow vulnerability in the NFC module with a reported impact on availability and integrity. NVD records a CVSS v3.1 base score of 9.1 (CRITICAL) with network access, low complexity, no privileges required, and no user interaction, affecting the NFC-related component a...
CVE-2023-52363
CVE-2023-52363 describes a defect introduced in the design process in the Control Panel module with potential to cause app processes to start by mistake. Public sources reference Huawei HarmonyOS/EMUI context and generic design-phase vulnerability impact. The available documents do not provide co...
CVE-2023-52387
The CVE-2023-52387 entry describes a Resource Reuse vulnerability in the GPU module that can affect confidentiality. Connected CNVD/CNNVD and related records map this issue to Huawei EMUI and Huawei HarmonyOS (mobile OSes) with a resource reuse flaw in the GPU component. The NVD/NVD-derived metri...
CVE-2023-52365
CVE-2023-52365 is an out-of-bounds read vulnerability in the smart activity recognition module, reported across Huawei EMUI and Huawei HarmonyOS. The root cause is an out-of-bounds read that can cause features to behave abnormally. Public technical details are limited in the provided documents, b...
CVE-2023-52373
Summary of CVE-2023-52373 : A permission verification flaw in the Huawei HarmonyOS/EMUI share box module's content sharing pop-up allows unauthorized file sharing. The vulnerability is described across multiple sources (NVD, Red Hat CVE page, CNVD/CNNVD entries) with a high impact on confidential...
CVE-2023-52375
CVE-2023-52375 concerns Huawei HarmonyOS/EMUI’s WMS (WindowManagerService) module. Connected sources describe a privilege control vulnerability in the WMS, which can affect usability and, per the NVD entry, may impact availability. The CVE’s description notes a permission control issue in WindowM...
CVE-2023-52371
CVE-2023-52371 corresponds to a vulnerability with null references in the motor module, affecting Huawei HarmonyOS and Huawei EMUI. The impact is an availability impact as described in multiple sources. The root cause is a null pointer/reference in the motor module. Affected products include Harm...
CVE-2023-52377
CVE-2023-52377 affects Huawei EMUI (cellular data module). The vulnerability arises from input data not being verified, potentially enabling out-of-bounds access. Reported CVSS v3.1 base score is 7.4 (HIGH) with network attack vector, high impact on confidentiality and availability, and no user i...
CVE-2023-52374
CVE-2023-52374 is tied to Huawei HarmonyOS and EMUI, involving a privilege-control vulnerability in the package management module. The CNVD/CNNVD entries describe an access control flaw that could allow an attacker to compromise confidentiality within the package management subsystem. No explicit...
CVE-2023-52358
CVE-2023-52358 concerns a configuration flaw in Huawei HarmonyOS/EMUI audio module APIs that can be exploited to cause a denial of service, impacting availability. The vulnerability is tied to the audio subsystem in HarmonyOS and EMUI, with the root cause described as a configuration defect in th...
CVE-2023-52097
CVE-2023-52097 is linked to Huawei EMUI and Huawei HarmonyOS. The connected CNVD entry describes a vulnerability that allows bypassing the foreground service restriction, with impact to system confidentiality. The CVE entry itself notes a foreground-service–restrictions bypass in the NMS module a...
CVE-2023-52381
The CVE-2023-52381 entry corresponds to a script injection vulnerability in Huawei HarmonyOS/EMUI mail module. The CNVD CNVD-2024-31083 document confirms an in-component script injection that can allow an attacker to execute arbitrary code on affected systems. The NVD/NVD-derived description simi...
CVE-2023-52380
CVE-2023-52380 is an improper access control vulnerability affecting the Huawei HarmonyOS/EMUI mail module. The root cause is insufficient access controls in the mail component, potentially allowing information disclosure. Public documents enumerate HarmonyOS/EMUI mail as affected, with no explic...
CVE-2023-52378
CVE-2023-52378 relates to Huawei HarmonyOS/EMUI WMS (WindowManagerServices) with an incorrect service logic root cause in the WMS module. The connected CNVD/CNNVD entries describe a privilege control type vulnerability and a business logic error that can lead to usability issues or functional exc...
CVE-2023-52361
The CVE-2023-52361 entry corresponds to Huawei HarmonyOS VerifiedBoot module authentication errors. Multiple sources (NVD, CNVD, CNNVD) describe a vulnerability in the VerifiedBoot component that can compromise system integrity (I = High) with no confidentiality or availability impact, and with n...
CVE-2023-52368
CVE-2023-52368 is linked to Huawei HarmonyOS/EMUI via CNVD/CNNVD references. The vulnerability is described as an input verification flaw in the Accounts module that can cause features to behave abnormally and, per CNVD, may lead to a denial-of-service condition. The NVD entry lists a network-bas...
CVE-2023-52372
CVE-2023-52372 affects Huawei HarmonyOS (including EMUI) with a vulnerability in the motor module’s input parameter verification that can cause a denial of service and affect availability. The CNVD entry corroborates a DoS impact linked to HarmonyOS/EMUI, and the NVD/NVD-derived description also ...
CVE-2023-52362
Technical details about CVE-2023-52362 are not publicly provided in the supplied documents. Monitor for updates from vendors (Huawei/Red Hat/CNVD) for affected products, versions, root cause specifics, and patches.
CVE-2023-52376
Technical details about CVE-2023-52376 are not publicly provided in the supplied connected documents. Monitor for updates from vendors and security trackers for affected products, scope, and remediation.
CVE-2023-52366
CVE-2023-52366 describes an out-of-bounds read vulnerability in the smart activity recognition module, potentially causing features to behave abnormally. Public details come from multiple sources (NVD, Red Hat, CVE records, CNNVD) and indicate the issue affects Huawei/EMUI-type Android-based envi...
CVE-2023-52360
CVE-2023-52360 is a Huawei HarmonyOS baseband logic vulnerability with a network-facing attack surface that can compromise service integrity. The CVSS=7.5 (HIGH) reflects potential high impact to integrity while confidentiality/availability remain unaffected per the provided metrics. Several conn...
CVE-2023-52370
CVE-2023-52370 is a stack overflow vulnerability in the network acceleration module that can lead to unauthorized file access. The NVD entry assigns a CVSS v3.1 base score of 9.8 (CRITICAL) with network attack vector, low attack complexity, no privileges or user interaction required, and impacts ...
CVE-2023-41301
CVE-2023-41301 describes a vulnerability in the PMS module enabling unauthorized API access, with exploitation potentially causing features to behave abnormally. The NVD entry lists a CVSS v3.1 base score of 7.5 (HIGH), with network attack vector, no privileges required, no user interaction, and ...
CVE-2023-39394
CVE-2023-39394 describes an API privilege-escalation vulnerability in Huawei HarmonyOS’s wifienhance module. According to the NVD entry, successful exploitation could allow modification of the ARP list, implying impact to ARP cache integrity (high with I:H, network attack vector, no user interact...
CVE-2023-39390
CVE-2023-39390 affects Huawei HarmonyOS, specifically the window management module. The vulnerability arises from input parameter verification weaknesses in certain APIs, which, if exploited over the network, could cause the device to restart (CVSS 7.5, HIGH; AV:N, AC:L, PR:N, UI:N, S:U, C:N, I:N...
CVE-2023-39404
CVE-2023-39404 concerns Huawei HarmonyOS and is tied to the window management module. The vulnerability stems from insufficient input parameter verification in certain APIs, which can be exploited to cause a device reboot (DoS). Public exploitation details are not provided in the supplied documen...
CVE-2023-37238
The CVE-2023-37238 entry concerns Huawei HarmonyOS. Affected component: wireless projection module (and related screen casting interfaces). Root cause: incomplete verification of apps’ permission to access a specific API, enabling insufficient permission checks. Impact: exploitation could affect ...
CVE-2023-37241
CVE-2023-37241 is an input verification vulnerability in the WMS API. Exploitation could cause the affected device to restart. The available connected sources confirm the issue and its impact but do not provide concrete exploit details, affected versions, or a validated fix/update. No remediation...
CVE-2023-52367
CVE-2023-52367 describes an improper access control vulnerability in the media library module, observed in Huawei HarmonyOS and EMUI. The root cause is access-control failure, with CVSS 3.1 indicating a local exploit could enable high-impact outcomes to integrity and availability, and no privileg...
CVE-2022-31757
Technical details, affected products, and remediation are not publicly provided in the supplied documents. Monitor updates from Red Hat, NVD, and other sources for concrete impact and fixes.
CVE-2022-48312
The CVE-2022-48312 entry concerns the HwPCAssistant module in Huawei/HarmonyOS, described as an out-of-bounds read/write vulnerability that may compromise confidentiality and integrity. The connected records identify the affected component (HwPCAssistant) and the underlying issue (out-of-bounds a...
CVE-2022-22253
CVE-2022-22253 affects Huawei HarmonyOS’s DFX module , where an vulnerability stems from improper validation of integrity check values . This can lead to system instability if exploitable. Connected sources (Red Hat, NVD, CNVD, etc.) reiterate the same description without detailing a specific pat...
CVE-2022-22256
CVE-2022-22256 affects Huawei HarmonyOS, specifically the DFX module, which has an access control error. The vulnerability arises from inadequate restriction of resources to unauthorized roles, with potential impact on data confidentiality. Public references in the dataset describe the issue cons...
CVE-2021-40045
CVE-2021-40045 concerns Huawei HarmonyOS (Wearables recovery upgrade system) where the signature verification mechanism can fail during system upgrade in recovery mode. The underlying vulnerability is a signature verification failure that can affect confidentiality of service. The NVD entry notes...
CVE-2023-52379
CVE-2023-52379 describes a permission-control vulnerability in the calendarProvider module that can affect service confidentiality. The CVE entry indicates a high-severity impact (confidentiality) with network attack vector, no user interaction, no privileges required, and no impact on availabili...
CVE-2021-22434
CVE-2021-22434 is described as a memory address out-of-bounds vulnerability in smartphones that can enable malicious code execution. Public records reference Huawei HarmonyOS and Huawei bulletin updates as mitigation, indicating the issue affected HarmonyOS-based devices and was addressed in vend...
CVE-2021-22432
CVE-2021-22432 affects Huawei HarmonyOS smartphones where a vulnerability in permission isolation can lead to out-of-bounds access. Connected sources cite a Huawei HarmonyOS buffer error vulnerability in some products; however, detailed affected versions, vulnerable component specifics, exploit i...
CVE-2021-40047
The CVE-2021-40047 entry relates to Huawei EMUI and Magic UI Bastet modules, where a memory is not released after its effective lifetime. The vulnerability affects the Bastet component and may impact integrity if exploited. Exploitation details, affected versions, and a remediation/patch are not ...
CVE-2023-52357
Huawei HarmonyOS and Huawei EMUI contain a denial-of-service vulnerability in the vibration framework caused by a serialization/deserialization mismatch. The CNVD/CNNVD entries describe an availability impact, with exploitation likely local to the device. The NVD entry reiterates a serialization/...
CVE-2021-22394
CVE-2021-22394 concerns a buffer overflow in HarmonyOS smartphones that may cause DoS of apps during Multi-Screen Collaboration. The Connected documents corroborate a buffer-overflow issue affecting smartphones, but do not provide concrete patched versions, vulnerable component details, exploit s...
CVE-2021-40052
The connected CNVD-2022-20292 and CNNVD-202203-984 entries indicate Huawei EMUI and Magic UI are affected by an incorrect buffer size calculation vulnerability in the video framework, described as impacting usability. No specific affected versions are provided in these documents. A PT-2022-11173 ...
CVE-2022-22260
CVE-2022-22260 is a kernel-module use-after-free vulnerability in Huawei/HarmonyOS reported across multiple sources (NVD, RH, CNVD/CNNVD). The issue is exploited via network access with low attack complexity and no authentication, leading to potential data integrity and availability impact (CVSS ...
CVE-2021-40055
CVE-2021-40055 describes a man-in-the-middle attack vulnerability during system update download in recovery mode that can compromise integrity. Connected records corroborate this as a MITM issue affecting Huawei EMUI and Magic UI (Android-based). The NVD details indicate impact to integrity (I) a...
CVE-2022-22261
CVE-2022-22261 concerns Huawei HarmonyOS HiAIserver. Multiple connected sources confirm a vulnerability where the system fails to strictly validate the weights used in a model, allowing exploitation that can cause AI service anomalies or denial of service. The issue is described as a weight-valid...
CVE-2021-40049
Technical details (affected products, vulnerable components, root cause, and fixes) are not provided in the supplied documents; monitor vendor advisories for updates.
CVE-2022-22257
CVE-2022-22257 affects Huawei HarmonyOS through the customization framework, with root cause described as improper permission control/improper privilege restrictions. Multiple connected sources (NVD, Red Hat, CNVD and others) describe potential impact to data/system integrity but do not provide p...
CVE-2021-22431
CVE-2021-22431 describes a vulnerability in Huawei HarmonyOS smartphones where misconfiguration of permission isolation can lead to out-of-bounds access. Red Hat/RedHat-like and other feeds corroborate the issue across multiple sources; the vulnerability affects HarmonyOS-based devices and is cha...
CVE-2021-22433
CVE-2021-22433 concerns a memory address out-of-bounds (buffer error) vulnerability associated with Huawei HarmonyOS devices and related smartphone implementations. Reported impact across sources is potential arbitrary code execution upon successful exploitation, with exploit details not provided...
CVE-2021-40053
CVE-2021-40053 affects Huawei EMUI and Huawei Magic UI Nearby modules. Connected CNVD entry describes vulnerability as an authorization issue in the Nearby module, with potential impact to availability and integrity. Other sources similarly reference a permissions/control weakness in the Nearby m...
CVE-2022-22258
CVE-2022-22258 (Huawei HarmonyOS) concerns a privilege-elevation flaw in the Wi‑Fi module’s event notification path. The vulnerability could allow third-party apps to intercept event notifications and inject information, enabling elevation of privilege. Connected sources describe the issue as a w...