198 matches found
CVE-2023-44099
Vulnerability of data verification errors in the kernel module. Successful exploitation of this vulnerability may cause WLAN interruption.
CVE-2023-49240
Unauthorized access vulnerability in the launcher module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-49243
Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2022-48297
The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access.
CVE-2023-37239
Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program.
CVE-2023-44096
Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-6273
Permission management vulnerability in the module for disabling Sound Booster. Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-3455
Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and integrity.
CVE-2023-39396
Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability.
CVE-2023-44115
Vulnerability of improper permission control in the Booster module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-46768
Multi-thread vulnerability in the idmap module. Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-49239
Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-49245
Unauthorized access vulnerability in the Huawei Share module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2022-48519
Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-37245
Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem.
CVE-2023-41311
Permission control vulnerability in the audio module. Successful exploitation of this vulnerability may cause an app to be activated automatically.
CVE-2023-4565
Broadcast permission control vulnerability in the framework module. Successful exploitation of this vulnerability may cause the hotspot feature to be unavailable.
CVE-2023-49241
API permission control vulnerability in the network management module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-46894
Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation.
CVE-2022-48513
Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation of this vulnerability may cause out-of-bounds access.
CVE-2023-3456
Vulnerability of kernel raw address leakage in the hang detector module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-46773
Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2023-49242
Free broadcast vulnerability in the running management module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2022-48510
Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations.
CVE-2022-48516
Vulnerability that a unique value can be obtained by a third-party app in the DSoftBus module. Successful exploitation of this vulnerability will affect confidentiality.
CVE-2023-34165
Unauthorized access vulnerability in the Save for later feature provided by AI Touch.Successful exploitation of this vulnerability may cause third-party apps to forge a URI for unauthorized access with zero permissions.
CVE-2023-44100
Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-44113
Vulnerability of missing permission verification for APIs in the Designed for Reliability (DFR) module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-46893
Vulnerability of unstrict data verification and parameter check. Successful exploitation of this vulnerability may affect integrity.
CVE-2022-48509
Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally.
CVE-2022-48517
Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect availability.
CVE-2022-48518
Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, which...
CVE-2023-37242
Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers may exploit this vulnerability to rewrite the non-volatile random-access memory (NVRAM), or facilitate the exploitation of other vulnerabilities.
CVE-2023-41307
Memory overwriting vulnerability in the security module. Successful exploitation of this vulnerability may affect availability.
CVE-2023-49244
Permission management vulnerability in the multi-user module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-1691
Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-41296
Vulnerability of missing authorization in the kernel module. Successful exploitation of this vulnerability may affect integrity and confidentiality.
CVE-2023-49248
Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access.
CVE-2021-46890
Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
CVE-2021-46891
Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
CVE-2023-37240
Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read.
CVE-2022-48507
Vulnerability of identity verification being bypassed in the storage module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-41298
Vulnerability of permission control in the window module. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-48508
Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity.
CVE-2022-48514
The Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-48520
Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-41310
Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this vulnerability may cause malicious apps to run continuously in the background.
CVE-2023-49247
Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.