Harmonyos@2.0.0 Security Vulnerabilities and Issues — Page 2 of Harmonyos@2.0.0 CVE List

Lucene search

HuaweiHarmonyos2.0.0

205 matches found

CVE•added 2023/09/25 1:15 p.m.•49 views

CVE-2023-41303

Command injection vulnerability in the distributed file system module. Successful exploitation of this vulnerability may cause variables in the sock structure to be modified.

7.5CVSS7.6AI score0.00174EPSS

CVE•added 2023/10/11 12:15 p.m.•49 views

CVE-2023-44104

Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.5AI score0.00069EPSS

CVE•added 2023/10/11 1:15 p.m.•49 views

CVE-2023-44118

Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of this vulnerability will affect availability and confidentiality.

9.1CVSS9.1AI score0.00077EPSS

CVE•added 2024/04/08 9:15 a.m.•49 views

CVE-2023-52539

Permission verification vulnerability in the Settings module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.8AI score0.00051EPSS

CVE•added 2024/04/08 9:15 a.m.•49 views

CVE-2023-52540

Vulnerability of improper authentication in the Iaware module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS7AI score0.00075EPSS

CVE•added 2024/04/08 9:15 a.m.•49 views

CVE-2023-52542

Permission verification vulnerability in the system module.Impact: Successful exploitation of this vulnerability will affect availability.

6.5CVSS6.8AI score0.00049EPSS

CVE•added 2024/04/07 9:15 a.m.•49 views

CVE-2024-30417

Path traversal vulnerability in the Bluetooth-based sharing module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.8AI score0.0014EPSS

CVE•added 2023/03/27 10:15 p.m.•48 views

CVE-2022-48291

The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.

6.5CVSS6.7AI score0.00015EPSS

CVE•added 2023/08/13 1:15 p.m.•48 views

CVE-2023-39387

Vulnerability of permission control in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.

5.3CVSS5.2AI score0.00057EPSS

CVE•added 2023/09/25 1:15 p.m.•48 views

CVE-2023-41302

Redirection permission verification vulnerability in the home screen module. Successful exploitation of this vulnerability may cause features to perform abnormally.

7.5CVSS7.4AI score0.00149EPSS

CVE•added 2023/09/27 3:19 p.m.•48 views

CVE-2023-41305

Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS message module. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.4AI score0.00096EPSS

CVE•added 2023/10/11 12:15 p.m.•48 views

CVE-2023-44111

Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.6AI score0.0007EPSS

CVE•added 2023/11/08 3:15 a.m.•48 views

CVE-2023-46770

Out-of-bounds vulnerability in the sensor module. Successful exploitation of this vulnerability may cause mistouch prevention errors on users' mobile phones.

7.5CVSS7.5AI score0.00134EPSS

CVE•added 2024/06/14 8:15 a.m.•48 views

CVE-2024-36503

Memory management vulnerability in the Gralloc moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.3CVSS7.1AI score0.00053EPSS

CVE•added 2024/08/08 10:15 a.m.•48 views

CVE-2024-42037

Vulnerability of uncaught exceptions in the Graphics moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

9.3CVSS6.9AI score0.00009EPSS

CVE•added 2023/08/13 1:15 p.m.•47 views

CVE-2023-39399

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

9.1CVSS9AI score0.00066EPSS

CVE•added 2023/09/25 12:15 p.m.•47 views

CVE-2023-41297

Vulnerability of defects introduced in the design process in the HiviewTunner module. Successful exploitation of this vulnerability may cause service hijacking.

9.8CVSS9.2AI score0.00193EPSS

CVE•added 2023/10/11 1:15 p.m.•47 views

CVE-2023-44119

Vulnerability of mutual exclusion management in the kernel module.Successful exploitation of this vulnerability will affect availability.

7.5CVSS7.3AI score0.00056EPSS

CVE•added 2024/04/08 9:15 a.m.•47 views

CVE-2023-52388

Permission control vulnerability in the clock module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS6.8AI score0.00062EPSS

CVE•added 2024/12/28 7:15 a.m.•46 views

CVE-2021-22484

Some Huawei wearables have a vulnerability of not verifying the actual data size when reading data. Successful exploitation of this vulnerability may cause a server out of memory (OOM).

7.5CVSS7.1AI score0.00099EPSS

CVE•added 2023/11/08 11:15 a.m.•46 views

CVE-2023-46756

Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.

5.3CVSS5.2AI score0.00086EPSS

CVE•added 2024/04/08 9:15 a.m.•46 views

CVE-2023-52544

Vulnerability of file path verification being bypassed in the email module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.

4.3CVSS6.8AI score0.00059EPSS

CVE•added 2024/06/14 8:15 a.m.•46 views

CVE-2024-36502

Out-of-bounds read vulnerability in the audio moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.9CVSS7AI score0.00033EPSS

CVE•added 2024/12/28 7:15 a.m.•45 views

CVE-2021-37000

Some Huawei wearables have a permission management vulnerability.

7.8CVSS7.2AI score0.00015EPSS

CVE•added 2023/03/27 10:15 p.m.•45 views

CVE-2022-48355

The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash.

6.5CVSS6.3AI score0.00037EPSS

CVE•added 2023/08/13 1:15 p.m.•45 views

CVE-2023-39391

Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.3AI score0.00081EPSS

CVE•added 2023/09/25 1:15 p.m.•45 views

CVE-2023-41300

Vulnerability of parameters not being strictly verified in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.

7.5CVSS7.4AI score0.00134EPSS

CVE•added 2023/11/08 10:15 a.m.•45 views

CVE-2023-46755

Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart.

5.3CVSS5.1AI score0.00058EPSS

CVE•added 2023/11/08 11:15 a.m.•45 views

CVE-2023-46758

Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.

7.5CVSS7.5AI score0.00114EPSS

CVE•added 2024/09/04 3:15 a.m.•45 views

CVE-2024-45443

Directory traversal vulnerability in the cust moduleImpact: Successful exploitation of this vulnerability will affect availability and confidentiality.

9.1CVSS7AI score0.00139EPSS

CVE•added 2024/09/04 3:15 a.m.•45 views

CVE-2024-45444

Access permission verification vulnerability in the WMS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

5.5CVSS7.1AI score0.00023EPSS

CVE•added 2023/08/13 12:15 p.m.•44 views

CVE-2023-39383

Vulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps' data security.

7.5CVSS7.4AI score0.00059EPSS

CVE•added 2023/08/13 1:15 p.m.•44 views

CVE-2023-39401

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

9.1CVSS9.1AI score0.00102EPSS

CVE•added 2024/04/07 9:15 a.m.•44 views

CVE-2024-30416

Use After Free (UAF) vulnerability in the underlying driver module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS6.9AI score0.00084EPSS

CVE•added 2024/08/08 10:15 a.m.•44 views

CVE-2024-42033

Access control vulnerability in the security verification modulempact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

7.1CVSS7AI score0.00013EPSS

CVE•added 2024/09/04 3:15 a.m.•44 views

CVE-2024-45446

Access permission verification vulnerability in the camera driver moduleImpact: Successful exploitation of this vulnerability will affect availability.

5.5CVSS7.1AI score0.00021EPSS

CVE•added 2023/03/27 10:15 p.m.•43 views

CVE-2022-48360

The facial recognition module has a vulnerability in file permission control. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.5AI score0.0008EPSS

CVE•added 2024/02/18 7:15 a.m.•43 views

CVE-2022-48621

Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.00042EPSS

CVE•added 2023/09/25 11:15 a.m.•43 views

CVE-2023-39409

DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.

7.5CVSS7.4AI score0.00134EPSS

CVE•added 2023/11/08 9:15 a.m.•43 views

CVE-2023-46771

Security vulnerability in the face unlock module. Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.5AI score0.0015EPSS

CVE•added 2024/09/27 11:15 a.m.•43 views

CVE-2024-47290

Input validation vulnerability in the USB service moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS5.5AI score0.00012EPSS

CVE•added 2024/12/12 12:15 p.m.•43 views

CVE-2024-54096

Vulnerability of improper access control in the MTP moduleImpact: Successful exploitation of this vulnerability may affect integrity and accuracy.

5.5CVSS5.3AI score0.00009EPSS

CVE•added 2024/12/12 12:15 p.m.•43 views

CVE-2024-54098

Service logic error vulnerability in the system service moduleImpact: Successful exploitation of this vulnerability may affect service integrity.

8.5CVSS8.4AI score0.00058EPSS

CVE•added 2023/05/26 5:15 p.m.•42 views

CVE-2022-48478

The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.

9.8CVSS9.3AI score0.00125EPSS

CVE•added 2023/08/13 12:15 p.m.•42 views

CVE-2023-39382

Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart.

7.5CVSS7.4AI score0.00072EPSS

CVE•added 2023/08/13 1:15 p.m.•42 views

CVE-2023-39395

Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.5AI score0.00108EPSS

CVE•added 2023/09/25 9:15 a.m.•42 views

CVE-2023-39407

The Watchkit has a risk of unauthorized file access.Successful exploitation of this vulnerability may affect confidentiality and integrity.

9.1CVSS9AI score0.00152EPSS

CVE•added 2023/10/11 12:15 p.m.•42 views

CVE-2023-44101

The Bluetooth module has a vulnerability in permission control for broadcast notifications.Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.5AI score0.00071EPSS

CVE•added 2023/10/11 1:15 p.m.•42 views

CVE-2023-44105

Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.

9.8CVSS9.3AI score0.00074EPSS

CVE•added 2023/11/08 10:15 a.m.•42 views

CVE-2023-46763

Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously.

5.3CVSS5.2AI score0.00107EPSS

Total number of security vulnerabilities205