Lucene search
+L
HuaweiHarmonyos

1050 matches found

CVE
CVE
added 2024/02/18 3:39 a.m.7063 views

CVE-2023-52369

CVE-2023-52369 is a stack overflow vulnerability in the NFC module with a reported impact on availability and integrity. NVD records a CVSS v3.1 base score of 9.1 (CRITICAL) with network access, low complexity, no privileges required, and no user interaction, affecting the NFC-related component a...

9.1CVSS7AI score0.00418EPSS
CVE
CVE
added 2024/02/18 3:2 a.m.7059 views

CVE-2023-52363

CVE-2023-52363 describes a defect introduced in the design process in the Control Panel module with potential to cause app processes to start by mistake. Public sources reference Huawei HarmonyOS/EMUI context and generic design-phase vulnerability impact. The available documents do not provide co...

6.3CVSS6.6AI score0.00217EPSS
CVE
CVE
added 2024/02/18 2:52 a.m.7025 views

CVE-2023-52387

The CVE-2023-52387 entry describes a Resource Reuse vulnerability in the GPU module that can affect confidentiality. Connected CNVD/CNNVD and related records map this issue to Huawei EMUI and Huawei HarmonyOS (mobile OSes) with a resource reuse flaw in the GPU component. The NVD/NVD-derived metri...

7.5CVSS6.8AI score0.00337EPSS
CVE
CVE
added 2024/02/18 3:4 a.m.7018 views

CVE-2023-52365

CVE-2023-52365 is an out-of-bounds read vulnerability in the smart activity recognition module, reported across Huawei EMUI and Huawei HarmonyOS. The root cause is an out-of-bounds read that can cause features to behave abnormally. Public technical details are limited in the provided documents, b...

7.7CVSS6.6AI score0.0027EPSS
CVE
CVE
added 2024/02/18 3:52 a.m.6995 views

CVE-2023-52373

Summary of CVE-2023-52373 : A permission verification flaw in the Huawei HarmonyOS/EMUI share box module's content sharing pop-up allows unauthorized file sharing. The vulnerability is described across multiple sources (NVD, Red Hat CVE page, CNVD/CNNVD entries) with a high impact on confidential...

7.5CVSS6.7AI score0.00319EPSS
CVE
CVE
added 2024/02/18 6:5 a.m.6994 views

CVE-2023-52375

CVE-2023-52375 concerns Huawei HarmonyOS/EMUI’s WMS (WindowManagerService) module. Connected sources describe a privilege control vulnerability in the WMS, which can affect usability and, per the NVD entry, may impact availability. The CVE’s description notes a permission control issue in WindowM...

7.5CVSS6.8AI score0.0023EPSS
CVE
CVE
added 2024/02/18 3:42 a.m.6934 views

CVE-2023-52371

CVE-2023-52371 corresponds to a vulnerability with null references in the motor module, affecting Huawei HarmonyOS and Huawei EMUI. The impact is an availability impact as described in multiple sources. The root cause is a null pointer/reference in the motor module. Affected products include Harm...

3.5CVSS6.7AI score0.0017EPSS
CVE
CVE
added 2024/02/18 6:7 a.m.6675 views

CVE-2023-52377

CVE-2023-52377 affects Huawei EMUI (cellular data module). The vulnerability arises from input data not being verified, potentially enabling out-of-bounds access. Reported CVSS v3.1 base score is 7.4 (HIGH) with network attack vector, high impact on confidentiality and availability, and no user i...

7.4CVSS6.7AI score0.00367EPSS
CVE
CVE
added 2024/02/18 4:4 a.m.6575 views

CVE-2023-52374

CVE-2023-52374 is tied to Huawei HarmonyOS and EMUI, involving a privilege-control vulnerability in the package management module. The CNVD/CNNVD entries describe an access control flaw that could allow an attacker to compromise confidentiality within the package management subsystem. No explicit...

7.5CVSS6.8AI score0.00319EPSS
CVE
CVE
added 2024/02/18 2:57 a.m.6497 views

CVE-2023-52358

CVE-2023-52358 concerns a configuration flaw in Huawei HarmonyOS/EMUI audio module APIs that can be exploited to cause a denial of service, impacting availability. The vulnerability is tied to the audio subsystem in HarmonyOS and EMUI, with the root cause described as a configuration defect in th...

6.2CVSS6.7AI score0.00126EPSS
CVE
CVE
added 2024/02/18 2:54 a.m.6375 views

CVE-2023-52097

CVE-2023-52097 is linked to Huawei EMUI and Huawei HarmonyOS. The connected CNVD entry describes a vulnerability that allows bypassing the foreground service restriction, with impact to system confidentiality. The CVE entry itself notes a foreground-service–restrictions bypass in the NMS module a...

7.5CVSS6.7AI score0.0034EPSS
CVE
CVE
added 2024/02/18 6:13 a.m.6265 views

CVE-2023-52381

The CVE-2023-52381 entry corresponds to a script injection vulnerability in Huawei HarmonyOS/EMUI mail module. The CNVD CNVD-2024-31083 document confirms an in-component script injection that can allow an attacker to execute arbitrary code on affected systems. The NVD/NVD-derived description simi...

9.8CVSS7.1AI score0.00446EPSS
CVE
CVE
added 2024/02/18 6:11 a.m.6147 views

CVE-2023-52380

CVE-2023-52380 is an improper access control vulnerability affecting the Huawei HarmonyOS/EMUI mail module. The root cause is insufficient access controls in the mail component, potentially allowing information disclosure. Public documents enumerate HarmonyOS/EMUI mail as affected, with no explic...

4.3CVSS6.7AI score0.00257EPSS
CVE
CVE
added 2024/02/18 6:9 a.m.6131 views

CVE-2023-52378

CVE-2023-52378 relates to Huawei HarmonyOS/EMUI WMS (WindowManagerServices) with an incorrect service logic root cause in the WMS module. The connected CNVD/CNNVD entries describe a privilege control type vulnerability and a business logic error that can lead to usability issues or functional exc...

9.8CVSS6.7AI score0.00458EPSS
CVE
CVE
added 2024/02/18 2:59 a.m.6128 views

CVE-2023-52361

The CVE-2023-52361 entry corresponds to Huawei HarmonyOS VerifiedBoot module authentication errors. Multiple sources (NVD, CNVD, CNNVD) describe a vulnerability in the VerifiedBoot component that can compromise system integrity (I = High) with no confidentiality or availability impact, and with n...

7.5CVSS7AI score0.00306EPSS
CVE
CVE
added 2024/02/18 3:38 a.m.5823 views

CVE-2023-52368

CVE-2023-52368 is linked to Huawei HarmonyOS/EMUI via CNVD/CNNVD references. The vulnerability is described as an input verification flaw in the Accounts module that can cause features to behave abnormally and, per CNVD, may lead to a denial-of-service condition. The NVD entry lists a network-bas...

5.3CVSS6.7AI score0.00255EPSS
CVE
CVE
added 2024/02/18 3:51 a.m.4624 views

CVE-2023-52372

CVE-2023-52372 affects Huawei HarmonyOS (including EMUI) with a vulnerability in the motor module’s input parameter verification that can cause a denial of service and affect availability. The CNVD entry corroborates a DoS impact linked to HarmonyOS/EMUI, and the NVD/NVD-derived description also ...

7.5CVSS6.7AI score0.00379EPSS
CVE
CVE
added 2024/02/18 3:0 a.m.4620 views

CVE-2023-52362

Technical details about CVE-2023-52362 are not publicly provided in the supplied documents. Monitor for updates from vendors (Huawei/Red Hat/CNVD) for affected products, versions, root cause specifics, and patches.

7.5CVSS6.8AI score0.00353EPSS
CVE
CVE
added 2024/02/18 6:6 a.m.4453 views

CVE-2023-52376

Technical details about CVE-2023-52376 are not publicly provided in the supplied connected documents. Monitor for updates from vendors and security trackers for affected products, scope, and remediation.

7.5CVSS6.7AI score0.00337EPSS
CVE
CVE
added 2024/02/18 3:27 a.m.4435 views

CVE-2023-52366

CVE-2023-52366 describes an out-of-bounds read vulnerability in the smart activity recognition module, potentially causing features to behave abnormally. Public details come from multiple sources (NVD, Red Hat, CVE records, CNNVD) and indicate the issue affects Huawei/EMUI-type Android-based envi...

7.5CVSS6.6AI score0.00379EPSS
CVE
CVE
added 2024/02/18 2:58 a.m.3954 views

CVE-2023-52360

CVE-2023-52360 is a Huawei HarmonyOS baseband logic vulnerability with a network-facing attack surface that can compromise service integrity. The CVSS=7.5 (HIGH) reflects potential high impact to integrity while confidentiality/availability remain unaffected per the provided metrics. Several conn...

7.5CVSS6.9AI score0.00293EPSS
CVE
CVE
added 2024/02/18 3:41 a.m.3954 views

CVE-2023-52370

CVE-2023-52370 is a stack overflow vulnerability in the network acceleration module that can lead to unauthorized file access. The NVD entry assigns a CVSS v3.1 base score of 9.8 (CRITICAL) with network attack vector, low attack complexity, no privileges or user interaction required, and impacts ...

9.8CVSS7AI score0.00456EPSS
CVE
CVE
added 2023/09/25 12:8 p.m.2516 views

CVE-2023-41301

CVE-2023-41301 describes a vulnerability in the PMS module enabling unauthorized API access, with exploitation potentially causing features to behave abnormally. The NVD entry lists a CVSS v3.1 base score of 7.5 (HIGH), with network attack vector, no privileges required, no user interaction, and ...

7.5CVSS7.4AI score0.0035EPSS
CVE
CVE
added 2023/08/13 12:26 p.m.2512 views

CVE-2023-39394

CVE-2023-39394 describes an API privilege-escalation vulnerability in Huawei HarmonyOS’s wifienhance module. According to the NVD entry, successful exploitation could allow modification of the ARP list, implying impact to ARP cache integrity (high with I:H, network attack vector, no user interact...

7.5CVSS7.6AI score0.00293EPSS
CVE
CVE
added 2023/08/13 12:24 p.m.2505 views

CVE-2023-39390

CVE-2023-39390 affects Huawei HarmonyOS, specifically the window management module. The vulnerability arises from input parameter verification weaknesses in certain APIs, which, if exploited over the network, could cause the device to restart (CVSS 7.5, HIGH; AV:N, AC:L, PR:N, UI:N, S:U, C:N, I:N...

7.5CVSS7.3AI score0.00379EPSS
CVE
CVE
added 2023/08/13 12:41 p.m.2501 views

CVE-2023-39404

CVE-2023-39404 concerns Huawei HarmonyOS and is tied to the window management module. The vulnerability stems from insufficient input parameter verification in certain APIs, which can be exploited to cause a device reboot (DoS). Public exploitation details are not provided in the supplied documen...

7.5CVSS7.3AI score0.00379EPSS
CVE
CVE
added 2023/07/06 12:26 p.m.2497 views

CVE-2023-37238

The CVE-2023-37238 entry concerns Huawei HarmonyOS. Affected component: wireless projection module (and related screen casting interfaces). Root cause: incomplete verification of apps’ permission to access a specific API, enabling insufficient permission checks. Impact: exploitation could affect ...

5.3CVSS5.1AI score0.00296EPSS
CVE
CVE
added 2023/07/06 12:30 p.m.2483 views

CVE-2023-37241

CVE-2023-37241 is an input verification vulnerability in the WMS API. Exploitation could cause the affected device to restart. The available connected sources confirm the issue and its impact but do not provide concrete exploit details, affected versions, or a validated fix/update. No remediation...

7.5CVSS7.4AI score0.00447EPSS
CVE
CVE
added 2024/02/18 3:32 a.m.2396 views

CVE-2023-52367

CVE-2023-52367 describes an improper access control vulnerability in the media library module, observed in Huawei HarmonyOS and EMUI. The root cause is access-control failure, with CVSS 3.1 indicating a local exploit could enable high-impact outcomes to integrity and availability, and no privileg...

7.7CVSS6.7AI score0.00119EPSS
CVE
CVE
added 2022/06/13 3:5 p.m.503 views

CVE-2022-31757

Technical details, affected products, and remediation are not publicly provided in the supplied documents. Monitor updates from Red Hat, NVD, and other sources for concrete impact and fixes.

7.5CVSS7.5AI score0.0062EPSS
CVE
CVE
added 2023/04/16 6:1 a.m.239 views

CVE-2022-48312

The CVE-2022-48312 entry concerns the HwPCAssistant module in Huawei/HarmonyOS, described as an out-of-bounds read/write vulnerability that may compromise confidentiality and integrity. The connected records identify the affected component (HwPCAssistant) and the underlying issue (out-of-bounds a...

9.1CVSS9.1AI score0.00398EPSS
CVE
CVE
added 2022/04/11 7:38 p.m.153 views

CVE-2022-22253

CVE-2022-22253 affects Huawei HarmonyOS’s DFX module , where an vulnerability stems from improper validation of integrity check values . This can lead to system instability if exploitable. Connected sources (Red Hat, NVD, CNVD, etc.) reiterate the same description without detailing a specific pat...

7.5CVSS7.5AI score0.00292EPSS
CVE
CVE
added 2022/04/11 7:38 p.m.119 views

CVE-2022-22256

CVE-2022-22256 affects Huawei HarmonyOS, specifically the DFX module, which has an access control error. The vulnerability arises from inadequate restriction of resources to unauthorized roles, with potential impact on data confidentiality. Public references in the dataset describe the issue cons...

7.5CVSS7.5AI score0.00692EPSS
CVE
CVE
added 2022/02/09 10:3 p.m.110 views

CVE-2021-40045

CVE-2021-40045 concerns Huawei HarmonyOS (Wearables recovery upgrade system) where the signature verification mechanism can fail during system upgrade in recovery mode. The underlying vulnerability is a signature verification failure that can affect confidentiality of service. The NVD entry notes...

5.5CVSS5.5AI score0.00152EPSS
CVE
CVE
added 2024/02/18 6:10 a.m.110 views

CVE-2023-52379

CVE-2023-52379 describes a permission-control vulnerability in the calendarProvider module that can affect service confidentiality. The CVE entry indicates a high-severity impact (confidentiality) with network attack vector, no user interaction, no privileges required, and no impact on availabili...

7.5CVSS6.8AI score0.00319EPSS
CVE
CVE
added 2022/02/25 6:11 p.m.105 views

CVE-2021-22434

CVE-2021-22434 is described as a memory address out-of-bounds vulnerability in smartphones that can enable malicious code execution. Public records reference Huawei HarmonyOS and Huawei bulletin updates as mitigation, indicating the issue affected HarmonyOS-based devices and was addressed in vend...

9.8CVSS9.3AI score0.00898EPSS
CVE
CVE
added 2022/02/25 6:11 p.m.104 views

CVE-2021-22432

CVE-2021-22432 affects Huawei HarmonyOS smartphones where a vulnerability in permission isolation can lead to out-of-bounds access. Connected sources cite a Huawei HarmonyOS buffer error vulnerability in some products; however, detailed affected versions, vulnerable component specifics, exploit i...

10CVSS9.3AI score0.00894EPSS
CVE
CVE
added 2022/03/07 1:51 p.m.103 views

CVE-2021-40047

The CVE-2021-40047 entry relates to Huawei EMUI and Magic UI Bastet modules, where a memory is not released after its effective lifetime. The vulnerability affects the Bastet component and may impact integrity if exploited. Exploitation details, affected versions, and a remediation/patch are not ...

7.8CVSS7.5AI score0.006EPSS
CVE
CVE
added 2024/02/18 2:56 a.m.103 views

CVE-2023-52357

Huawei HarmonyOS and Huawei EMUI contain a denial-of-service vulnerability in the vibration framework caused by a serialization/deserialization mismatch. The CNVD/CNNVD entries describe an availability impact, with exploitation likely local to the device. The NVD entry reiterates a serialization/...

7.5CVSS6.7AI score0.00292EPSS
CVE
CVE
added 2022/02/25 6:11 p.m.102 views

CVE-2021-22394

CVE-2021-22394 concerns a buffer overflow in HarmonyOS smartphones that may cause DoS of apps during Multi-Screen Collaboration. The Connected documents corroborate a buffer-overflow issue affecting smartphones, but do not provide concrete patched versions, vulnerable component details, exploit s...

9.1CVSS9.3AI score0.00843EPSS
CVE
CVE
added 2022/03/07 1:50 p.m.99 views

CVE-2021-40052

The connected CNVD-2022-20292 and CNNVD-202203-984 entries indicate Huawei EMUI and Magic UI are affected by an incorrect buffer size calculation vulnerability in the video framework, described as impacting usability. No specific affected versions are provided in these documents. A PT-2022-11173 ...

7.8CVSS7.6AI score0.00758EPSS
CVE
CVE
added 2022/05/13 3:3 p.m.99 views

CVE-2022-22260

CVE-2022-22260 is a kernel-module use-after-free vulnerability in Huawei/HarmonyOS reported across multiple sources (NVD, RH, CNVD/CNNVD). The issue is exploited via network access with low attack complexity and no authentication, leading to potential data integrity and availability impact (CVSS ...

9.1CVSS9AI score0.0063EPSS
CVE
CVE
added 2022/03/07 1:50 p.m.98 views

CVE-2021-40055

CVE-2021-40055 describes a man-in-the-middle attack vulnerability during system update download in recovery mode that can compromise integrity. Connected records corroborate this as a MITM issue affecting Huawei EMUI and Magic UI (Android-based). The NVD details indicate impact to integrity (I) a...

7.1CVSS5.6AI score0.00506EPSS
CVE
CVE
added 2022/05/13 3:3 p.m.97 views

CVE-2022-22261

CVE-2022-22261 concerns Huawei HarmonyOS HiAIserver. Multiple connected sources confirm a vulnerability where the system fails to strictly validate the weights used in a model, allowing exploitation that can cause AI service anomalies or denial of service. The issue is described as a weight-valid...

7.5CVSS7.5AI score0.0063EPSS
CVE
CVE
added 2022/03/07 1:50 p.m.95 views

CVE-2021-40049

Technical details (affected products, vulnerable components, root cause, and fixes) are not provided in the supplied documents; monitor vendor advisories for updates.

7.5CVSS7.3AI score0.00759EPSS
CVE
CVE
added 2022/04/11 7:38 p.m.95 views

CVE-2022-22257

CVE-2022-22257 affects Huawei HarmonyOS through the customization framework, with root cause described as improper permission control/improper privilege restrictions. Multiple connected sources (NVD, Red Hat, CNVD and others) describe potential impact to data/system integrity but do not provide p...

7.5CVSS7.5AI score0.00549EPSS
CVE
CVE
added 2022/02/25 6:11 p.m.94 views

CVE-2021-22431

CVE-2021-22431 describes a vulnerability in Huawei HarmonyOS smartphones where misconfiguration of permission isolation can lead to out-of-bounds access. Red Hat/RedHat-like and other feeds corroborate the issue across multiple sources; the vulnerability affects HarmonyOS-based devices and is cha...

9.8CVSS9.3AI score0.00763EPSS
CVE
CVE
added 2022/02/25 6:11 p.m.94 views

CVE-2021-22433

CVE-2021-22433 concerns a memory address out-of-bounds (buffer error) vulnerability associated with Huawei HarmonyOS devices and related smartphone implementations. Reported impact across sources is potential arbitrary code execution upon successful exploitation, with exploit details not provided...

9.8CVSS9.3AI score0.00873EPSS
CVE
CVE
added 2022/03/07 1:50 p.m.94 views

CVE-2021-40053

CVE-2021-40053 affects Huawei EMUI and Huawei Magic UI Nearby modules. Connected CNVD entry describes vulnerability as an authorization issue in the Nearby module, with potential impact to availability and integrity. Other sources similarly reference a permissions/control weakness in the Nearby m...

9.1CVSS9.1AI score0.00695EPSS
CVE
CVE
added 2022/04/11 7:38 p.m.94 views

CVE-2022-22258

CVE-2022-22258 (Huawei HarmonyOS) concerns a privilege-elevation flaw in the Wi‑Fi module’s event notification path. The vulnerability could allow third-party apps to intercept event notifications and inject information, enabling elevation of privilege. Connected sources describe the issue as a w...

9.8CVSS9.1AI score0.00926EPSS
Total number of security vulnerabilities1050