866 matches found
CVE-2025-48903
Permission bypass vulnerability in the media library moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2021-22419
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos.
CVE-2021-22456
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.
CVE-2021-37024
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.
CVE-2021-37061
There is a Uncontrolled Resource Consumption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Screen projection application denial of service.
CVE-2021-37114
There is an Out-of-bounds read vulnerability in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-37117
There is a Service logic vulnerability in Smartphone.Successful exploitation of this vulnerability may cause WLAN DoS.
CVE-2021-39970
HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.
CVE-2021-39973
There is a Null pointer dereference in Smartphones.Successful exploitation of this vulnerability may cause the kernel to break down.
CVE-2021-39981
Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call.
CVE-2021-39983
The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
CVE-2021-39988
The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
CVE-2021-39990
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.
CVE-2021-40014
The bone voice ID trusted application (TA) has a heap overflow vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-46852
The memory management module has the logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-38989
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-38994
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-41593
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-41602
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-44552
The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-48354
The Bluetooth module has a heap out-of-bounds write vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash.
CVE-2023-1696
The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability.
CVE-2023-39393
Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation of this vulnerability may cause ServiceWifiResources to be maliciously modified and overwritten.
CVE-2023-39402
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
CVE-2024-39670
Privilege escalation vulnerability in the account synchronisation module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-42030
Access permission verification vulnerability in the content sharing pop-up moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-42039
Access control vulnerability in the SystemUI moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51517
Vulnerability of improper memory access in the phone service moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-51519
Vulnerability of input parameters not being verified in the HDC moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-54122
Concurrent variable access vulnerability in the ability moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-56435
Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56456
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-57954
Permission verification vulnerability in the media library moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-58112
Exception capture failure vulnerability in the SVG parsing module of the ArkUI frameworkImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58116
Buffer overflow vulnerability in the SVG parsing module of the ArkUI frameworkImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58252
Vulnerability of insufficient information protection in the media library moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-48905
Wasm exception capture vulnerability in the arkweb v8 moduleImpact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types.
CVE-2025-48911
Vulnerability of improper permission assignment in the note sharing moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2021-22450
A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory exhaustion.
CVE-2021-22451
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.
CVE-2021-22453
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
CVE-2021-22458
A component of the HarmonyOS has a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. Local attackers may exploit this vulnerability to cause arbitrary code execution.
CVE-2021-22459
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable.
CVE-2021-37007
There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.
CVE-2021-39971
Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
CVE-2021-40025
The eID module has a vulnerability that causes the memory to be used without being initialized,Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-40037
There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
CVE-2021-46840
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
CVE-2021-46892
Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2022-37005
The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.