16 matches found
CVE-2022-48301
The bundle management module lacks permission verification in some APIs. Successful exploitation of this vulnerability may restore the pre-installed apps that have been uninstalled.
CVE-2022-48292
The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48298
The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access.
CVE-2022-48302
The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48289
The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48288
The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48290
The phone-PC collaboration module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data confidentiality and integrity.
CVE-2022-48293
The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48294
The IHwAttestationService interface has a defect in authentication. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48286
The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48287
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect data integrity.
CVE-2022-48295
The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of applications).
CVE-2022-48299
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48296
The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage devices.
CVE-2022-48300
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48297
The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access.