866 matches found
CVE-2022-38977
The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data.
CVE-2022-38992
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-41577
The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability.
CVE-2022-48479
The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.
CVE-2022-48512
Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally.
CVE-2023-39380
Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause audio devices to perform abnormally.
CVE-2023-39381
Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart.
CVE-2023-41306
Vulnerability of mutex management in the bone voice ID trusted application (TA) module. Successful exploitation of this vulnerability may cause the bone voice ID feature to be unavailable.
CVE-2023-52954
Vulnerability of improper permission control in the Gallery moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2023-5801
Vulnerability of identity verification being bypassed in the face unlock module. Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-32996
Privilege escalation vulnerability in the account moduleImpact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-45445
Vulnerability of resources not being closed or released in the keystore moduleImpact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-45448
Page table protection configuration vulnerability in the trusted firmware moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-47294
Access permission verification vulnerability in the input method framework moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-51514
Vulnerability of pop-up windows belonging to no app in the VPN moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-51526
Permission control vulnerability in the hidebug moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54099
File replacement vulnerability on some devicesImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2024-54104
Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54121
Startup control vulnerability in the ability moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-56444
Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-56452
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58106
Buffer overflow vulnerability in the codec moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58111
Exception capture failure vulnerability in the SVG parsing module of the ArkUI frameworkImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58114
Resource allocation control failure vulnerability in the ArkUI frameworkImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-58126
Access control vulnerability in the security verification moduleImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2021-22420
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause the underlying trust of the application trustlist mechanism is missing..
CVE-2021-22422
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.
CVE-2021-22423
A component of the HarmonyOS has a Out-of-bounds Write Vulnerability. Local attackers may exploit this vulnerability to cause integer overflow.
CVE-2021-22454
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump.
CVE-2021-37005
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.
CVE-2021-37012
There is a Data Processing Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.
CVE-2021-37060
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to SAMGR Heap Address Leakage.
CVE-2021-37128
HwPCAssistant has a Path Traversal vulnerability .Successful exploitation of this vulnerability may write any file.
CVE-2021-39974
There is an Out-of-bounds read in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-39975
Hilinksvc has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause denial of service attacks.
CVE-2021-39984
Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service.
CVE-2021-39985
The HwNearbyMain module has a Improper Validation of Array Index vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
CVE-2021-39998
There is Vulnerability of APIs being concurrently called for multiple times in HwConnectivityExService a in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
CVE-2021-40002
The Bluetooth module has an out-of-bounds write vulnerability. Successful exploitation of this vulnerability may result in malicious command execution at the remote end.
CVE-2021-40021
The eID module has an out-of-bounds memory write vulnerability,Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-40026
There is a Heap-based buffer overflow vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
CVE-2022-48515
Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-39384
Vulnerability of incomplete permission verification in the input method module. Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-39386
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart.
CVE-2023-39388
Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.
CVE-2023-39398
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
CVE-2023-39400
Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.
CVE-2023-44102
Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability can cause the Bluetooth function to be unavailable.
CVE-2023-44103
Out-of-bounds read vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-46769
Use-After-Free (UAF) vulnerability in the dubai module. Successful exploitation of this vulnerability will affect availability.