Lucene search

K
HuaweiHarmonyos2.1

54 matches found

CVE
CVE
added 2022/03/10 5:43 p.m.79 views

CVE-2021-40053

There is a permission control vulnerability in the Nearby module.Successful exploitation of this vulnerability will affect availability and integrity.

9.1CVSS9.1AI score0.00256EPSS
CVE
CVE
added 2022/08/10 8:16 p.m.55 views

CVE-2022-37006

Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability.

7.5CVSS7.5AI score0.00082EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.54 views

CVE-2022-39006

The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.

5.9CVSS5.6AI score0.00087EPSS
CVE
CVE
added 2023/04/16 8:15 a.m.54 views

CVE-2022-48314

The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.

6.5CVSS6.4AI score0.00013EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.53 views

CVE-2022-44548

There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing.

4.3CVSS4.6AI score0.00026EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.53 views

CVE-2022-44551

The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability.

9.8CVSS9.3AI score0.00094EPSS
CVE
CVE
added 2022/12/20 9:15 p.m.50 views

CVE-2022-41591

The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.

7.5CVSS7.4AI score0.00092EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.50 views

CVE-2022-44563

There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality.

5.9CVSS5.8AI score0.00062EPSS
CVE
CVE
added 2023/03/27 10:15 p.m.50 views

CVE-2023-26547

The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

7.8CVSS7.6AI score0.00042EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.49 views

CVE-2022-39004

The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.

7.5CVSS7.5AI score0.00112EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.49 views

CVE-2022-44549

The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality.

7.5CVSS7.4AI score0.0008EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.48 views

CVE-2022-38995

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

7.5CVSS7.5AI score0.00112EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.48 views

CVE-2022-39000

The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.

9.8CVSS9.3AI score0.00162EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.48 views

CVE-2022-41584

The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.

7.8CVSS7.4AI score0.00031EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.48 views

CVE-2022-44550

The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability.

7.5CVSS7.5AI score0.00084EPSS
CVE
CVE
added 2023/05/20 3:15 p.m.48 views

CVE-2023-1692

The window management module lacks permission verification.Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.5AI score0.0009EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.47 views

CVE-2022-41585

The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.

7.8CVSS7.4AI score0.00031EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.46 views

CVE-2021-40024

Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.2AI score0.00125EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.46 views

CVE-2022-38996

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

7.5CVSS7.5AI score0.00112EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.46 views

CVE-2022-39007

The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privilege escalation.

9.8CVSS9.4AI score0.00042EPSS
CVE
CVE
added 2023/03/27 10:15 p.m.46 views

CVE-2023-26548

The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.5AI score0.00112EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.45 views

CVE-2022-41578

The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.

9.8CVSS9.7AI score0.0013EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.45 views

CVE-2022-44558

The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

9.8CVSS9.4AI score0.00225EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.45 views

CVE-2022-44559

The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

9.8CVSS9.4AI score0.00225EPSS
CVE
CVE
added 2023/02/09 5:15 p.m.45 views

CVE-2022-48302

The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00069EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.44 views

CVE-2022-38981

The HwAirlink module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause information leakage.

7.5CVSS7.3AI score0.00121EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.44 views

CVE-2022-38997

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00125EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.43 views

CVE-2022-38980

The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions.

9.8CVSS9.4AI score0.00172EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.43 views

CVE-2022-38993

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.

7.5CVSS7.5AI score0.00112EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.43 views

CVE-2022-41586

The communication framework module has a vulnerability of not truncating data properly.Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00118EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.42 views

CVE-2022-38978

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00125EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.42 views

CVE-2022-38983

The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.

9.8CVSS9.6AI score0.00234EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.42 views

CVE-2022-41588

The home screen module has a vulnerability in service logic processing.Successful exploitation of this vulnerability may affect data integrity.

7.5CVSS7.5AI score0.00077EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.42 views

CVE-2022-44555

The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.

7.5CVSS7.4AI score0.00072EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.42 views

CVE-2022-44562

The system framework layer has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

9.8CVSS9.3AI score0.00193EPSS
CVE
CVE
added 2023/03/27 10:15 p.m.42 views

CVE-2023-26549

The SystemUI module has a vulnerability of repeated app restart due to improper parameters. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.5AI score0.00094EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.41 views

CVE-2022-39005

The MPTCP module has the memory leak vulnerability. Successful exploitation of this vulnerability can cause memory leaks.

7.5CVSS7.5AI score0.00109EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.41 views

CVE-2022-44557

The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00071EPSS
CVE
CVE
added 2022/12/20 9:15 p.m.41 views

CVE-2022-46316

A thread security vulnerability exists in the authentication process. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.

9.8CVSS9.4AI score0.00108EPSS
CVE
CVE
added 2023/02/09 5:15 p.m.41 views

CVE-2022-48286

The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.7AI score0.0007EPSS
CVE
CVE
added 2023/02/09 5:15 p.m.41 views

CVE-2022-48287

The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data integrity.

7.5CVSS7.5AI score0.0004EPSS
CVE
CVE
added 2023/04/16 8:15 a.m.41 views

CVE-2022-48313

The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.

6.5CVSS6.4AI score0.00013EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.40 views

CVE-2022-38979

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00125EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.40 views

CVE-2022-39009

The WLAN module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause third-party apps to affect WLAN functions.

9.8CVSS9.2AI score0.00127EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.40 views

CVE-2022-44553

The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically.

5.3CVSS5.2AI score0.00067EPSS
CVE
CVE
added 2023/02/09 5:15 p.m.40 views

CVE-2022-48296

The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage devices.

5.3CVSS5AI score0.00047EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.39 views

CVE-2022-38994

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00125EPSS
CVE
CVE
added 2023/05/20 3:15 p.m.39 views

CVE-2023-1696

The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.5AI score0.00094EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.38 views

CVE-2022-38977

The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data.

7.5CVSS7.6AI score0.00108EPSS
CVE
CVE
added 2022/10/14 4:15 p.m.38 views

CVE-2022-41577

The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability.

7.1CVSS6.6AI score0.00031EPSS
Total number of security vulnerabilities54