Harmonyos@3.0.0 Security Vulnerabilities and Issues — Page 3 of Harmonyos@3.0.0 CVE List

Lucene search

HuaweiHarmonyos3.0.0

312 matches found

CVE•added 2023/09/27 3:19 p.m.•48 views

CVE-2023-41305

Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS message module. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.4AI score0.00096EPSS

CVE•added 2023/10/11 12:15 p.m.•48 views

CVE-2023-44110

Out-of-bounds access vulnerability in the audio module.Successful exploitation of this vulnerability may affect availability.

4.3CVSS4.7AI score0.00022EPSS

CVE•added 2023/10/11 12:15 p.m.•48 views

CVE-2023-44111

Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.6AI score0.0007EPSS

CVE•added 2023/11/08 10:15 a.m.•48 views

CVE-2023-46760

Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

7.5CVSS7.4AI score0.00134EPSS

CVE•added 2023/11/08 3:15 a.m.•48 views

CVE-2023-46770

Out-of-bounds vulnerability in the sensor module. Successful exploitation of this vulnerability may cause mistouch prevention errors on users' mobile phones.

7.5CVSS7.5AI score0.00134EPSS

CVE•added 2024/04/07 9:15 a.m.•48 views

CVE-2023-52717

Permission verification vulnerability in the lock screen module.Impact: Successful exploitation of this vulnerability will affect availability.

5.3CVSS6.8AI score0.00063EPSS

CVE•added 2024/06/14 8:15 a.m.•48 views

CVE-2024-36503

Memory management vulnerability in the Gralloc moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.3CVSS7.1AI score0.00053EPSS

CVE•added 2024/08/08 10:15 a.m.•48 views

CVE-2024-42037

Vulnerability of uncaught exceptions in the Graphics moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

9.3CVSS6.9AI score0.00009EPSS

CVE•added 2024/08/08 10:15 a.m.•48 views

CVE-2024-42038

Vulnerability of PIN enhancement failures in the screen lock moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

8.8CVSS6.9AI score0.00022EPSS

CVE•added 2023/02/09 5:15 p.m.•47 views

CVE-2022-48292

The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

6.5CVSS6.5AI score0.00035EPSS

CVE•added 2023/02/09 5:15 p.m.•47 views

CVE-2022-48298

The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access.

7.5CVSS7.5AI score0.00081EPSS

CVE•added 2023/08/13 1:15 p.m.•47 views

CVE-2023-39399

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

9.1CVSS9AI score0.00066EPSS

CVE•added 2023/10/11 1:15 p.m.•47 views

CVE-2023-44119

Vulnerability of mutual exclusion management in the kernel module.Successful exploitation of this vulnerability will affect availability.

7.5CVSS7.3AI score0.00056EPSS

CVE•added 2024/04/08 9:15 a.m.•47 views

CVE-2023-52388

Permission control vulnerability in the clock module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS6.8AI score0.00062EPSS

CVE•added 2024/09/27 11:15 a.m.•47 views

CVE-2024-47293

Out-of-bounds write vulnerability in the HAL-WIFI moduleImpact: Successful exploitation of this vulnerability may affect availability.

7.5CVSS7AI score0.00038EPSS

CVE•added 2022/12/20 9:15 p.m.•46 views

CVE-2022-46314

The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.

7.5CVSS7.5AI score0.00102EPSS

CVE•added 2023/03/27 10:15 p.m.•46 views

CVE-2022-48350

The HUAWEI Messaging app has a vulnerability of unauthorized file access. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.5AI score0.0008EPSS

CVE•added 2023/03/27 10:15 p.m.•46 views

CVE-2022-48351

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.5AI score0.00098EPSS

CVE•added 2023/03/27 10:15 p.m.•46 views

CVE-2022-48352

Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic.

7.5CVSS7.5AI score0.00098EPSS

CVE•added 2023/03/27 10:15 p.m.•46 views

CVE-2022-48358

The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this vulnerability by a malicious app can cause service exceptions.

7.4CVSS7.4AI score0.00058EPSS

CVE•added 2023/03/27 10:15 p.m.•46 views

CVE-2023-26548

The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of this vulnerability may affect availability.

7.5CVSS7.5AI score0.00112EPSS

CVE•added 2023/10/11 1:15 p.m.•46 views

CVE-2023-44114

Out-of-bounds array vulnerability in the dataipa module.Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS7.5AI score0.00081EPSS

CVE•added 2023/11/08 11:15 a.m.•46 views

CVE-2023-46756

Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.

5.3CVSS5.2AI score0.00086EPSS

CVE•added 2023/11/08 10:15 a.m.•46 views

CVE-2023-46761

Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

7.5CVSS7.4AI score0.00134EPSS

CVE•added 2024/04/08 9:15 a.m.•46 views

CVE-2023-52544

Vulnerability of file path verification being bypassed in the email module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.

4.3CVSS6.8AI score0.00059EPSS

CVE•added 2024/04/08 9:15 a.m.•46 views

CVE-2023-52552

Input verification vulnerability in the power module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS6.8AI score0.00072EPSS

CVE•added 2024/06/14 8:15 a.m.•46 views

CVE-2024-36502

Out-of-bounds read vulnerability in the audio moduleImpact: Successful exploitation of this vulnerability will affect availability.

7.9CVSS7AI score0.00033EPSS

CVE•added 2024/08/08 10:15 a.m.•46 views

CVE-2024-42036

Access permission verification vulnerability in the Notepad moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.5CVSS6.9AI score0.00042EPSS

CVE•added 2022/11/09 9:15 p.m.•45 views

CVE-2022-44559

The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

9.8CVSS9.4AI score0.00225EPSS

CVE•added 2023/02/09 5:15 p.m.•45 views

CVE-2022-48302

The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.5AI score0.00069EPSS

CVE•added 2023/03/27 10:15 p.m.•45 views

CVE-2022-48348

The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity.

9.1CVSS9AI score0.00095EPSS

CVE•added 2023/03/27 10:15 p.m.•45 views

CVE-2022-48355

The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash.

6.5CVSS6.3AI score0.00037EPSS

CVE•added 2023/08/13 1:15 p.m.•45 views

CVE-2023-39391

Vulnerability of system file information leakage in the USB Service module. Successful exploitation of this vulnerability may affect confidentiality.

7.5CVSS7.3AI score0.00081EPSS

CVE•added 2023/09/25 1:15 p.m.•45 views

CVE-2023-41300

Vulnerability of parameters not being strictly verified in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.

7.5CVSS7.4AI score0.00134EPSS

CVE•added 2023/10/11 12:15 p.m.•45 views

CVE-2023-44095

Use-After-Free (UAF) vulnerability in the surfaceflinger module.Successful exploitation of this vulnerability can cause system crash.

7.5CVSS7.5AI score0.00072EPSS

CVE•added 2023/11/08 10:15 a.m.•45 views

CVE-2023-46755

Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart.

5.3CVSS5.1AI score0.00058EPSS

CVE•added 2023/11/08 11:15 a.m.•45 views

CVE-2023-46758

Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.

7.5CVSS7.5AI score0.00114EPSS

CVE•added 2024/04/08 10:15 a.m.•45 views

CVE-2023-52385

Out-of-bounds write vulnerability in the RSMC module.Impact: Successful exploitation of this vulnerability will affect availability.

6.2CVSS6.8AI score0.00019EPSS

CVE•added 2024/04/07 9:15 a.m.•45 views

CVE-2024-30418

Vulnerability of insufficient permission verification in the app management module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS6.8AI score0.00072EPSS

CVE•added 2024/09/04 3:15 a.m.•45 views

CVE-2024-45443

Directory traversal vulnerability in the cust moduleImpact: Successful exploitation of this vulnerability will affect availability and confidentiality.

9.1CVSS7AI score0.00139EPSS

CVE•added 2024/09/04 3:15 a.m.•45 views

CVE-2024-45444

Access permission verification vulnerability in the WMS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

5.5CVSS7.1AI score0.00023EPSS

CVE•added 2025/02/06 1:15 p.m.•45 views

CVE-2024-57960

Input verification vulnerability in the ExternalStorageProvider moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

7.7CVSS7.6AI score0.0003EPSS

CVE•added 2023/02/09 5:15 p.m.•44 views

CVE-2022-48289

The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality.

7.5CVSS7.6AI score0.0007EPSS

CVE•added 2023/08/13 12:15 p.m.•44 views

CVE-2023-39383

Vulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps' data security.

7.5CVSS7.4AI score0.00059EPSS

CVE•added 2023/08/13 12:15 p.m.•44 views

CVE-2023-39392

Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this vulnerability may cause OsuLogin to be maliciously modified and overwritten.

7.5CVSS7.4AI score0.00027EPSS

CVE•added 2023/08/13 1:15 p.m.•44 views

CVE-2023-39401

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

9.1CVSS9.1AI score0.00102EPSS

CVE•added 2023/10/11 11:15 a.m.•44 views

CVE-2023-44094

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart.

5.3CVSS5.2AI score0.00032EPSS

CVE•added 2023/11/08 10:15 a.m.•44 views

CVE-2023-46767

Out-of-bounds write vulnerability in the kernel driver module. Successful exploitation of this vulnerability may cause process exceptions.

7.5CVSS7.4AI score0.00175EPSS

CVE•added 2024/04/07 9:15 a.m.•44 views

CVE-2024-30416

Use After Free (UAF) vulnerability in the underlying driver module.Impact: Successful exploitation of this vulnerability will affect availability.

7.5CVSS6.9AI score0.00084EPSS

CVE•added 2024/08/08 10:15 a.m.•44 views

CVE-2024-42033

Access control vulnerability in the security verification modulempact: Successful exploitation of this vulnerability will affect integrity and confidentiality.

7.1CVSS7AI score0.00013EPSS

Total number of security vulnerabilities312