Lucene search

K
HuaweiHarmonyos2.0

356 matches found

CVE
CVE
added 2021/10/28 1:15 p.m.44 views

CVE-2021-22468

A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Local attackers may exploit this vulnerability to cause kernel address leakage.

3.3CVSS4AI score0.00023EPSS
CVE
CVE
added 2022/01/03 10:15 p.m.44 views

CVE-2021-39978

Telephony application has a SQL Injection vulnerability.Successful exploitation of this vulnerability may cause privacy and security issues.

7.5CVSS7.9AI score0.00271EPSS
CVE
CVE
added 2022/01/03 10:15 p.m.44 views

CVE-2021-39989

The HwNearbyMain module has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability may cause a process to restart.

7.5CVSS7.4AI score0.00182EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.44 views

CVE-2022-38981

The HwAirlink module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause information leakage.

7.5CVSS7.3AI score0.00121EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.44 views

CVE-2022-38984

The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality.

7.5CVSS7.3AI score0.00101EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.44 views

CVE-2022-38987

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

7.5CVSS7.5AI score0.00112EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.44 views

CVE-2022-38988

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00125EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.44 views

CVE-2022-38997

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00125EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.44 views

CVE-2022-39001

The number identification module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause data disclosure.

7.5CVSS7.4AI score0.00134EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.44 views

CVE-2022-41589

The DFX unwind stack module of the ArkCompiler has a vulnerability in interface calling.Successful exploitation of this vulnerability affects system services and device availability.

7.5CVSS7.4AI score0.00105EPSS
CVE
CVE
added 2023/10/11 11:15 a.m.44 views

CVE-2023-44094

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart.

5.3CVSS5.2AI score0.00032EPSS
CVE
CVE
added 2021/08/03 6:15 p.m.43 views

CVE-2021-22416

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution.

7.8CVSS7.5AI score0.00018EPSS
CVE
CVE
added 2022/08/10 8:16 p.m.43 views

CVE-2022-37004

The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.

7.5CVSS7.5AI score0.00043EPSS
CVE
CVE
added 2022/08/10 8:16 p.m.43 views

CVE-2022-37008

The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.

7.5CVSS7.5AI score0.00033EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.43 views

CVE-2022-38980

The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions.

9.8CVSS9.4AI score0.00172EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.43 views

CVE-2022-38982

The fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be cracked.

9.8CVSS9.3AI score0.0015EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.43 views

CVE-2022-38985

The facial recognition module has a vulnerability in input validation.Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00074EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.43 views

CVE-2022-38993

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

7.5CVSS7.5AI score0.00112EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.43 views

CVE-2022-39010

The HwChrService module has a vulnerability in permission control. Successful exploitation of this vulnerability may cause disclosure of user network information.

7.5CVSS7.4AI score0.00122EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.43 views

CVE-2022-41586

The communication framework module has a vulnerability of not truncating data properly.Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00118EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.43 views

CVE-2022-41594

The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.

3.4CVSS4.5AI score0.00011EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.43 views

CVE-2022-41603

The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.

3.4CVSS4.5AI score0.00011EPSS
CVE
CVE
added 2023/02/09 5:15 p.m.43 views

CVE-2022-48293

The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

6.5CVSS6.5AI score0.00035EPSS
CVE
CVE
added 2023/02/09 5:15 p.m.43 views

CVE-2022-48294

The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.0007EPSS
CVE
CVE
added 2023/03/27 10:15 p.m.43 views

CVE-2022-48346

The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.5AI score0.00085EPSS
CVE
CVE
added 2021/08/03 6:15 p.m.42 views

CVE-2021-22418

A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.

7.8CVSS7.5AI score0.00019EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.42 views

CVE-2021-22464

A component of the HarmonyOS has a Out-of-bounds Read vulnerability. Local attackers may exploit this vulnerability to cause system Soft Restart.

4.6CVSS4.2AI score0.00024EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.42 views

CVE-2021-22465

A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.

5.5CVSS5.5AI score0.00022EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.42 views

CVE-2021-22466

A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.

5.5CVSS5.3AI score0.00024EPSS
CVE
CVE
added 2022/01/03 10:15 p.m.42 views

CVE-2021-37132

PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission.

5.3CVSS5.2AI score0.00084EPSS
CVE
CVE
added 2022/01/03 10:15 p.m.42 views

CVE-2021-39972

MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.

7.5CVSS7.4AI score0.00151EPSS
CVE
CVE
added 2022/07/12 2:15 p.m.42 views

CVE-2022-34741

The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.

6.5CVSS6.7AI score0.00033EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.42 views

CVE-2022-38978

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00125EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.42 views

CVE-2022-38983

The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.

9.8CVSS9.6AI score0.00234EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.42 views

CVE-2022-41588

The home screen module has a vulnerability in service logic processing.Successful exploitation of this vulnerability may affect data integrity.

7.5CVSS7.5AI score0.00077EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.42 views

CVE-2022-41600

The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.

3.4CVSS4.5AI score0.00011EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.42 views

CVE-2022-44555

The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.

7.5CVSS7.4AI score0.00072EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.42 views

CVE-2022-44562

The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

9.8CVSS9.3AI score0.00193EPSS
CVE
CVE
added 2023/05/26 5:15 p.m.42 views

CVE-2022-48478

The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.

9.8CVSS9.3AI score0.00125EPSS
CVE
CVE
added 2023/03/27 10:15 p.m.42 views

CVE-2023-26549

The SystemUI module has a vulnerability of repeated app restart due to improper parameters. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.5AI score0.00094EPSS
CVE
CVE
added 2021/08/03 6:15 p.m.41 views

CVE-2021-22421

A component of the HarmonyOS has a Improper Privilege Management vulnerability. Local attackers may exploit this vulnerability to cause further Elevation of Privileges.

7.8CVSS7.5AI score0.00016EPSS
CVE
CVE
added 2021/08/03 6:15 p.m.41 views

CVE-2021-22425

A component of the HarmonyOS has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevating Privileges.

7.8CVSS7.4AI score0.00019EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.41 views

CVE-2021-22455

A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released.

5.5CVSS5.5AI score0.00061EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.41 views

CVE-2021-22460

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism.

5.5CVSS5.4AI score0.00011EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.41 views

CVE-2021-22467

A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.

5.5CVSS5.3AI score0.00025EPSS
CVE
CVE
added 2021/12/07 5:15 p.m.41 views

CVE-2021-37043

There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to malicious application processes occupy system resources.

7.5CVSS7.4AI score0.00168EPSS
CVE
CVE
added 2022/01/10 2:10 p.m.41 views

CVE-2021-40011

There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity.

7.5CVSS7.5AI score0.00135EPSS
CVE
CVE
added 2022/01/10 2:10 p.m.41 views

CVE-2021-40018

The eID module has a null pointer reference vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.0016EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.41 views

CVE-2021-46839

The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.

9.1CVSS9.1AI score0.00102EPSS
CVE
CVE
added 2022/07/12 2:15 p.m.41 views

CVE-2022-34739

The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.

7.5CVSS7.6AI score0.00131EPSS
Total number of security vulnerabilities356