257 matches found
CVE-2021-40036
The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution.
CVE-2021-46785
The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.
CVE-2022-37007
The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.
CVE-2022-22252
The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability.
CVE-2022-29792
The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-29795
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
CVE-2022-34743
The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-31756
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-31758
The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-34736
The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability.
CVE-2021-46741
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
CVE-2022-29790
The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions.
CVE-2022-44547
The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability.
CVE-2022-22254
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-29791
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.
CVE-2021-40012
Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2021-46811
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.
CVE-2022-31763
The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-34742
The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-37002
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
CVE-2022-37006
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability.
CVE-2022-46317
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-31751
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-39006
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.
CVE-2022-46315
The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-46324
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
CVE-2022-46326
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
CVE-2022-38999
The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.
CVE-2022-44548
There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing.
CVE-2022-44551
The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability.
CVE-2022-46310
The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-46313
The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone.
CVE-2022-41583
The storage maintenance and debugging module has an array out-of-bounds read vulnerability.Successful exploitation of this vulnerability will cause incorrect statistics of this module.
CVE-2022-41590
Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.
CVE-2021-40010
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
CVE-2021-40017
The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access.
CVE-2022-31759
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-41596
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components.
CVE-2022-44554
The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device.
CVE-2022-46321
The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-46812
The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity.
CVE-2021-46856
The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-41582
The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability.
CVE-2022-41591
The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.
CVE-2022-44563
There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-46311
The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity.
CVE-2022-39004
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
CVE-2022-39008
The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps.
CVE-2022-44549
The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality.
CVE-2022-44556
Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability.