Harmonyos@2.1.0 Security Vulnerabilities and Issues — Page 2 of Harmonyos@2.1.0 CVE List

Lucene search

HuaweiHarmonyos2.1.0

177 matches found

CVE•added 2023/09/25 1:15 p.m.•49 views

CVE-2023-41303

Command injection vulnerability in the distributed file system module. Successful exploitation of this vulnerability may cause variables in the sock structure to be modified.

7.5CVSS7.6AI score0.00174EPSS

CVE•added 2023/10/11 12:15 p.m.•49 views

CVE-2023-44104

Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.5AI score0.00069EPSS

CVE•added 2024/04/08 9:15 a.m.•49 views

CVE-2023-52539

Permission verification vulnerability in the Settings module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.8AI score0.00051EPSS

CVE•added 2024/04/08 9:15 a.m.•49 views

CVE-2023-52540

Vulnerability of improper authentication in the Iaware module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS7AI score0.00075EPSS

CVE•added 2024/04/08 9:15 a.m.•49 views

CVE-2023-52542

Permission verification vulnerability in the system module.Impact: Successful exploitation of this vulnerability will affect availability.

6.5CVSS6.8AI score0.00049EPSS

CVE•added 2024/04/07 9:15 a.m.•49 views

CVE-2024-30417

Path traversal vulnerability in the Bluetooth-based sharing module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.8AI score0.0014EPSS

CVE•added 2023/08/13 1:15 p.m.•48 views

CVE-2023-39387

Vulnerability of permission control in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.

5.3CVSS5.2AI score0.00057EPSS

CVE•added 2023/09/25 1:15 p.m.•48 views

CVE-2023-41302

Redirection permission verification vulnerability in the home screen module. Successful exploitation of this vulnerability may cause features to perform abnormally.

7.5CVSS7.4AI score0.00149EPSS

CVE•added 2023/10/11 12:15 p.m.•48 views

CVE-2023-44111

Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.6AI score0.0007EPSS

CVE•added 2024/06/14 8:15 a.m.•48 views

CVE-2024-36503

Memory management vulnerability in the Gralloc moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.3CVSS7.1AI score0.00053EPSS

CVE•added 2024/08/08 10:15 a.m.•48 views

CVE-2024-42037

Vulnerability of uncaught exceptions in the Graphics moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

9.3CVSS6.9AI score0.00009EPSS

CVE•added 2023/02/09 5:15 p.m.•47 views

CVE-2022-48292

The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

6.5CVSS6.5AI score0.00035EPSS

CVE•added 2023/08/13 1:15 p.m.•47 views

CVE-2023-39399

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

9.1CVSS9AI score0.00066EPSS

CVE•added 2023/10/11 1:15 p.m.•47 views

CVE-2023-44119

Vulnerability of mutual exclusion management in the kernel module.Successful exploitation of this vulnerability will affect availability.

7.5CVSS7.3AI score0.00056EPSS

CVE•added 2024/04/08 9:15 a.m.•47 views

CVE-2023-52388

Permission control vulnerability in the clock module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS6.8AI score0.00062EPSS

CVE•added 2023/11/08 11:15 a.m.•46 views

CVE-2023-46756

Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.

5.3CVSS5.2AI score0.00086EPSS

CVE•added 2024/04/08 9:15 a.m.•46 views

CVE-2023-52544

Vulnerability of file path verification being bypassed in the email module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.

4.3CVSS6.8AI score0.00059EPSS

CVE•added 2024/04/08 9:15 a.m.•46 views

CVE-2023-52552

Input verification vulnerability in the power module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS6.8AI score0.00072EPSS

CVE•added 2024/06/14 8:15 a.m.•46 views

CVE-2024-36502

Out-of-bounds read vulnerability in the audio moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.9CVSS7AI score0.00033EPSS

CVE•added 2023/03/27 10:15 p.m.•45 views

CVE-2022-48355

The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash.

6.5CVSS6.3AI score0.00037EPSS

CVE•added 2023/11/08 10:15 a.m.•45 views

CVE-2023-46755

Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart.

5.3CVSS5.1AI score0.00058EPSS

CVE•added 2023/11/08 11:15 a.m.•45 views

CVE-2023-46758

Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.

7.5CVSS7.5AI score0.00114EPSS

CVE•added 2024/09/04 3:15 a.m.•45 views

CVE-2024-45443

Directory traversal vulnerability in the cust moduleImpact: Successful exploitation of this vulnerability will affect availability and confidentiality.

9.1CVSS7AI score0.00139EPSS

CVE•added 2024/09/04 3:15 a.m.•45 views

CVE-2024-45444

Access permission verification vulnerability in the WMS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

5.5CVSS7.1AI score0.00023EPSS

CVE•added 2023/08/13 12:15 p.m.•44 views

CVE-2023-39383

Vulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps' data security.

7.5CVSS7.4AI score0.00059EPSS

CVE•added 2023/08/13 1:15 p.m.•44 views

CVE-2023-39401

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

9.1CVSS9.1AI score0.00102EPSS

CVE•added 2023/10/11 11:15 a.m.•44 views

CVE-2023-44094

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart.

5.3CVSS5.2AI score0.00032EPSS

CVE•added 2024/04/07 9:15 a.m.•44 views

CVE-2024-30416

Use After Free (UAF) vulnerability in the underlying driver module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS6.9AI score0.00084EPSS

CVE•added 2024/09/04 3:15 a.m.•44 views

CVE-2024-45446

Access permission verification vulnerability in the camera driver moduleImpact: Successful exploitation of this vulnerability will affect availability.

5.5CVSS7.1AI score0.00021EPSS

CVE•added 2023/02/09 5:15 p.m.•43 views

CVE-2022-48293

The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

6.5CVSS6.5AI score0.00035EPSS

CVE•added 2023/03/27 10:15 p.m.•43 views

CVE-2022-48346

The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.5AI score0.00085EPSS

CVE•added 2023/03/27 10:15 p.m.•43 views

CVE-2022-48360

The facial recognition module has a vulnerability in file permission control. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.5AI score0.0008EPSS

CVE•added 2024/02/18 7:15 a.m.•43 views

CVE-2022-48621

Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7AI score0.00042EPSS

CVE•added 2023/11/08 9:15 a.m.•43 views

CVE-2023-44098

Vulnerability of missing encryption in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.4AI score0.0007EPSS

CVE•added 2024/09/27 11:15 a.m.•43 views

CVE-2024-47290

Input validation vulnerability in the USB service moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS5.5AI score0.00012EPSS

CVE•added 2024/12/12 12:15 p.m.•43 views

CVE-2024-54096

Vulnerability of improper access control in the MTP moduleImpact: Successful exploitation of this vulnerability may affect integrity and accuracy.

5.5CVSS5.3AI score0.00009EPSS

CVE•added 2024/12/12 12:15 p.m.•43 views

CVE-2024-54098

Service logic error vulnerability in the system service moduleImpact: Successful exploitation of this vulnerability may affect service integrity.

8.5CVSS8.4AI score0.00058EPSS

CVE•added 2023/08/13 12:15 p.m.•42 views

CVE-2023-39382

Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart.

7.5CVSS7.4AI score0.00072EPSS

CVE•added 2023/10/11 12:15 p.m.•42 views

CVE-2023-44101

The Bluetooth module has a vulnerability in permission control for broadcast notifications.Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.5AI score0.00071EPSS

CVE•added 2023/10/11 1:15 p.m.•42 views

CVE-2023-44105

Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally.

9.8CVSS9.3AI score0.00074EPSS

CVE•added 2023/11/08 10:15 a.m.•42 views

CVE-2023-46763

Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously.

5.3CVSS5.2AI score0.00107EPSS

CVE•added 2024/05/14 3:37 p.m.•42 views

CVE-2024-32997

Race condition vulnerability in the binder driver moduleImpact: Successful exploitation of this vulnerability will affect availability.

8.4CVSS6.8AI score0.00034EPSS

CVE•added 2024/07/25 12:15 p.m.•42 views

CVE-2024-39674

Plaintext vulnerability in the Gallery search module.Impact: Successful exploitation of this vulnerability will affect availability.

6.2CVSS7.1AI score0.00013EPSS

CVE•added 2024/09/27 11:15 a.m.•42 views

CVE-2024-47292

Path traversal vulnerability in the Bluetooth moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS7AI score0.00039EPSS

CVE•added 2024/12/12 12:15 p.m.•42 views

CVE-2024-54100

Vulnerability of improper access control in the secure input moduleImpact: Successful exploitation of this vulnerability may cause features to perform abnormally.

7.5CVSS6.3AI score0.00046EPSS

CVE•added 2023/04/16 8:15 a.m.•41 views

CVE-2022-48313

The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.

6.5CVSS6.4AI score0.00013EPSS

CVE•added 2023/08/13 12:15 p.m.•41 views

CVE-2023-39389

Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability.

7.5CVSS7.4AI score0.00094EPSS

CVE•added 2023/08/13 1:15 p.m.•41 views

CVE-2023-39403

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

9.1CVSS9AI score0.00057EPSS

CVE•added 2023/10/11 12:15 p.m.•41 views

CVE-2023-44106

API permission management vulnerability in the Fwk-Display module.Successful exploitation of this vulnerability may cause features to perform abnormally.

9.8CVSS9.2AI score0.00084EPSS

CVE•added 2023/10/11 11:15 a.m.•41 views

CVE-2023-44109

Clone vulnerability in the huks ta module.Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.5AI score0.00157EPSS

Total number of security vulnerabilities177