356 matches found
CVE-2022-37001
The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to crash.
CVE-2022-39005
The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.
CVE-2022-44557
The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48286
The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48287
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data integrity.
CVE-2022-48295
The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of applications).
CVE-2022-48299
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48313
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-44106
API permission management vulnerability in the Fwk-Display module.Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2023-44109
Clone vulnerability in the huks ta module.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-22318
A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service.
CVE-2021-22424
A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service.
CVE-2021-22452
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.
CVE-2021-22457
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause out-of-bounds write.
CVE-2021-37112
Hisuite module has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability may lead to Firmware leak.
CVE-2021-37125
Arbitrary file has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability .Successful exploitation of this vulnerability may cause confidentiality is affected.
CVE-2021-40034
The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability.
CVE-2022-38979
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-39009
The WLAN module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause third-party apps to affect WLAN functions.
CVE-2022-39011
The HISP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause unauthorized access to the HISP module.
CVE-2022-41581
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
CVE-2022-44553
The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically.
CVE-2022-44560
The launcher module has an Intent redirection vulnerability. Successful exploitation of this vulnerability may cause launcher module data to be modified.
CVE-2022-44561
The preset launcher module has a permission verification vulnerability. Successful exploitation of this vulnerability makes unauthorized apps add arbitrary widgets and shortcuts without interaction.
CVE-2022-48296
The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage devices.
CVE-2022-48300
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-22419
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos.
CVE-2021-22456
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.
CVE-2021-37024
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.
CVE-2021-37061
There is a Uncontrolled Resource Consumption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Screen projection application denial of service.
CVE-2021-39970
HwPCAssistant has a Improper Input Validation vulnerability.Successful exploitation of this vulnerability may create any file with the system app permission.
CVE-2021-39981
Chang Lian application has a vulnerability which can be maliciously exploited to hide the calling number.Successful exploitation of this vulnerability allows you to make an anonymous call.
CVE-2021-39983
The HwNearbyMain module has a Data Processing Errors vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
CVE-2021-39988
The HwNearbyMain module has a NULL Pointer Dereference vulnerability.Successful exploitation of this vulnerability may cause a process to restart.
CVE-2021-39990
The screen lock module has a Stack-based Buffer Overflow vulnerability.Successful exploitation of this vulnerability may affect user experience.
CVE-2021-46852
The memory management module has the logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-38989
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-38994
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-41593
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-41602
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
CVE-2022-44552
The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-48354
The Bluetooth module has a heap out-of-bounds write vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash.
CVE-2023-1696
The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability.
CVE-2021-22450
A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory exhaustion.
CVE-2021-22451
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.
CVE-2021-22453
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
CVE-2021-22458
A component of the HarmonyOS has a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. Local attackers may exploit this vulnerability to cause arbitrary code execution.
CVE-2021-22459
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable.
CVE-2021-37007
There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.
CVE-2021-39971
Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality.