866 matches found
CVE-2024-54112
Cross-process screen stack vulnerability in the UIExtension moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-57961
Out-of-bounds write vulnerability in the emcom moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2025-46588
Vulnerability of unauthorized access in the app lock moduleImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2025-46589
Vulnerability of unauthorized access in the app lock moduleImpact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVE-2025-46591
Out-of-bounds data read vulnerability in the authorization moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22416
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution.
CVE-2021-40038
There is a Double free vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
CVE-2022-37004
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.
CVE-2022-37008
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.
CVE-2022-38980
The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions.
CVE-2022-38982
The fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be cracked.
CVE-2022-38985
The facial recognition module has a vulnerability in input validation.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-38993
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-39010
The HwChrService module has a vulnerability in permission control. Successful exploitation of this vulnerability may cause disclosure of user network information.
CVE-2022-41586
The communication framework module has a vulnerability of not truncating data properly.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-41594
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-41603
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-48288
The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48290
The phone-PC collaboration module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality and integrity.
CVE-2022-48293
The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48294
The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48346
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-48360
The facial recognition module has a vulnerability in file permission control. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-48621
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-34155
Vulnerability of unauthorized calling on HUAWEI phones and tablets.Successful exploitation of this vulnerability may affect availability.
CVE-2023-39409
DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.
CVE-2023-44098
Vulnerability of missing encryption in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-46771
Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-36500
Privilege escalation vulnerability in the AMS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-47290
Input validation vulnerability in the USB service moduleImpact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-51525
Permission control vulnerability in the clipboard moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54096
Vulnerability of improper access control in the MTP moduleImpact: Successful exploitation of this vulnerability may affect integrity and accuracy.
CVE-2024-54098
Service logic error vulnerability in the system service moduleImpact: Successful exploitation of this vulnerability may affect service integrity.
CVE-2024-54114
Out-of-bounds access vulnerability in playback in the DASH moduleImpact: Successful exploitation of this vulnerability will affect availability.
CVE-2024-57955
Arbitrary write vulnerability in the Gallery moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-57957
Vulnerability of improper log information control in the UI framework moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-27521
Vulnerability of improper access permission in the process management moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22418
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.
CVE-2021-22464
A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause system Soft Restart.
CVE-2021-22465
A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.
CVE-2021-22466
A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.
CVE-2021-37132
PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission.
CVE-2021-39972
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.
CVE-2021-46868
The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory access.
CVE-2022-34741
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.
CVE-2022-38978
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-38983
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.
CVE-2022-41588
The home screen module has a vulnerability in service logic processing.Successful exploitation of this vulnerability may affect data integrity.
CVE-2022-41600
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-44555
The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.