Lucene search

K
HuaweiHarmonyos

120 matches found

CVE
CVE
added 2024/02/18 4:15 a.m.5808 views

CVE-2023-52368

Input verification vulnerability in the account module.Successful exploitation of this vulnerability may cause features to perform abnormally.

5.3CVSS6.7AI score0.00067EPSS
CVE
CVE
added 2023/07/06 1:15 p.m.2478 views

CVE-2023-37238

Vulnerability of apps' permission to access a certain API being incompletely verified in the wireless projection module. Successful exploitation of this vulnerability may affect some wireless projection features.

5.3CVSS5.1AI score0.00057EPSS
CVE
CVE
added 2022/02/09 11:15 p.m.86 views

CVE-2021-40045

There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.

5.5CVSS5.5AI score0.00053EPSS
CVE
CVE
added 2022/02/25 7:15 p.m.76 views

CVE-2021-22479

The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.

5.5CVSS5.3AI score0.00021EPSS
CVE
CVE
added 2022/02/25 7:15 p.m.75 views

CVE-2021-22441

Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.

5.5CVSS5.5AI score0.00021EPSS
CVE
CVE
added 2022/02/25 7:15 p.m.69 views

CVE-2021-22478

The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage.

5.5CVSS5.3AI score0.00028EPSS
CVE
CVE
added 2022/06/13 3:15 p.m.68 views

CVE-2022-31755

The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.

5.5CVSS5.5AI score0.00056EPSS
CVE
CVE
added 2022/05/13 3:15 p.m.62 views

CVE-2021-46785

The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier.

5.3CVSS5.1AI score0.00096EPSS
CVE
CVE
added 2022/06/13 3:15 p.m.58 views

CVE-2022-31756

The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.

5.5CVSS5.5AI score0.00029EPSS
CVE
CVE
added 2024/04/08 9:15 a.m.57 views

CVE-2023-52551

Vulnerability of data verification errors in the kernel module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.

5.3CVSS6.7AI score0.00016EPSS
CVE
CVE
added 2024/07/25 12:15 p.m.57 views

CVE-2023-7271

Privilege escalation vulnerability in the NMS moduleImpact: Successful exploitation of this vulnerability will affect availability.

5.5CVSS7.4AI score0.00021EPSS
CVE
CVE
added 2022/06/13 4:15 p.m.55 views

CVE-2021-46811

HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information.

5.3CVSS5.2AI score0.00082EPSS
CVE
CVE
added 2022/06/13 3:15 p.m.55 views

CVE-2022-31763

The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability.

5.5CVSS5.5AI score0.00019EPSS
CVE
CVE
added 2023/11/08 10:15 a.m.55 views

CVE-2023-46764

Unauthorized startup vulnerability of background apps. Successful exploitation of this vulnerability may cause background apps to start maliciously.

5.3CVSS5.2AI score0.00079EPSS
CVE
CVE
added 2022/06/13 3:15 p.m.54 views

CVE-2022-31751

The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.

5.5CVSS5.4AI score0.00067EPSS
CVE
CVE
added 2022/09/16 6:15 p.m.54 views

CVE-2022-39006

The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.

5.9CVSS5.6AI score0.00087EPSS
CVE
CVE
added 2022/12/20 9:15 p.m.53 views

CVE-2022-46313

The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone.

5.3CVSS5.5AI score0.00038EPSS
CVE
CVE
added 2024/06/14 8:15 a.m.53 views

CVE-2024-36501

Memory management vulnerability in the boottime moduleImpact: Successful exploitation of this vulnerability can affect integrity.

5.6CVSS7.1AI score0.00047EPSS
CVE
CVE
added 2022/12/20 9:15 p.m.52 views

CVE-2022-41590

Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.

5.5CVSS5.7AI score0.00005EPSS
CVE
CVE
added 2022/06/13 3:15 p.m.51 views

CVE-2022-31759

AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.

5.5CVSS5.5AI score0.00021EPSS
CVE
CVE
added 2023/03/27 10:15 p.m.51 views

CVE-2022-48361

The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitation of this vulnerability may cause a failure in reading AOD theme resources.

5.3CVSS5.3AI score0.00076EPSS
CVE
CVE
added 2023/11/08 10:15 a.m.51 views

CVE-2022-48613

Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed.

5.9CVSS5.5AI score0.00042EPSS
CVE
CVE
added 2022/11/09 9:15 p.m.50 views

CVE-2022-44563

There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality.

5.9CVSS5.8AI score0.00062EPSS
CVE
CVE
added 2024/06/14 8:15 a.m.49 views

CVE-2024-5465

Function vulnerabilities in the Calendar moduleImpact: Successful exploitation of this vulnerability will affect availability.

5.9CVSS7.2AI score0.00029EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.48 views

CVE-2021-22471

A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.

5.5CVSS5.4AI score0.00021EPSS
CVE
CVE
added 2023/08/13 1:15 p.m.48 views

CVE-2023-39387

Vulnerability of permission control in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.

5.3CVSS5.2AI score0.00057EPSS
CVE
CVE
added 2023/09/25 12:15 p.m.48 views

CVE-2023-41295

Vulnerability of improper permission management in the displayengine module. Successful exploitation of this vulnerability may cause the screen to turn dim.

5.3CVSS5.2AI score0.00086EPSS
CVE
CVE
added 2024/04/07 9:15 a.m.48 views

CVE-2023-52717

Permission verification vulnerability in the lock screen module.Impact: Successful exploitation of this vulnerability will affect availability.

5.3CVSS6.8AI score0.00063EPSS
CVE
CVE
added 2021/08/06 1:15 p.m.46 views

CVE-2021-22295

A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler.

5.5CVSS5.4AI score0.00018EPSS
CVE
CVE
added 2023/11/08 11:15 a.m.46 views

CVE-2023-46756

Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.

5.3CVSS5.2AI score0.00086EPSS
CVE
CVE
added 2025/05/06 8:15 a.m.46 views

CVE-2025-46592

Null pointer dereference vulnerability in the USB HDI driver moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00009EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.45 views

CVE-2021-22461

A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.

5.5CVSS5.4AI score0.00021EPSS
CVE
CVE
added 2022/01/03 10:15 p.m.45 views

CVE-2021-39980

Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure.

5.3CVSS4.9AI score0.00111EPSS
CVE
CVE
added 2023/11/08 10:15 a.m.45 views

CVE-2023-46755

Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart.

5.3CVSS5.1AI score0.00058EPSS
CVE
CVE
added 2024/09/04 3:15 a.m.45 views

CVE-2024-45444

Access permission verification vulnerability in the WMS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

5.5CVSS7.1AI score0.00023EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.44 views

CVE-2021-22463

A component of the HarmonyOS has a Use After Free vulnerability . Local attackers may exploit this vulnerability to cause Kernel Information disclosure.

5.5CVSS5.4AI score0.00029EPSS
CVE
CVE
added 2022/12/20 9:15 p.m.44 views

CVE-2022-46318

The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings.

5.3CVSS5.3AI score0.00064EPSS
CVE
CVE
added 2023/10/11 11:15 a.m.44 views

CVE-2023-44094

Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart.

5.3CVSS5.2AI score0.00032EPSS
CVE
CVE
added 2024/09/04 3:15 a.m.44 views

CVE-2024-45446

Access permission verification vulnerability in the camera driver moduleImpact: Successful exploitation of this vulnerability will affect availability.

5.5CVSS7.1AI score0.00021EPSS
CVE
CVE
added 2024/09/27 11:15 a.m.43 views

CVE-2024-47290

Input validation vulnerability in the USB service moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS5.5AI score0.00012EPSS
CVE
CVE
added 2024/12/12 12:15 p.m.43 views

CVE-2024-54096

Vulnerability of improper access control in the MTP moduleImpact: Successful exploitation of this vulnerability may affect integrity and accuracy.

5.5CVSS5.3AI score0.00009EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.42 views

CVE-2021-22465

A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.

5.5CVSS5.5AI score0.00022EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.42 views

CVE-2021-22466

A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.

5.5CVSS5.3AI score0.00024EPSS
CVE
CVE
added 2022/01/03 10:15 p.m.42 views

CVE-2021-37132

PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability .Successful exploitation of this vulnerability may cause that Third-party apps can obtain the complete list of Harmony apps without permission.

5.3CVSS5.2AI score0.00084EPSS
CVE
CVE
added 2023/11/08 10:15 a.m.42 views

CVE-2023-46763

Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously.

5.3CVSS5.2AI score0.00107EPSS
CVE
CVE
added 2024/11/05 9:15 a.m.42 views

CVE-2024-51513

Vulnerability of processes not being fully terminated in the VPN moduleImpact: Successful exploitation of this vulnerability will affect power consumption.

5.5CVSS6.9AI score0.00014EPSS
CVE
CVE
added 2025/05/06 8:15 a.m.42 views

CVE-2025-46593

Process residence vulnerability in abnormal scenarios in the print moduleImpact: Successful exploitation of this vulnerability may affect availability.

5.5CVSS6.9AI score0.00009EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.41 views

CVE-2021-22455

A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released.

5.5CVSS5.5AI score0.00061EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.41 views

CVE-2021-22460

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism.

5.5CVSS5.4AI score0.00011EPSS
CVE
CVE
added 2021/10/28 1:15 p.m.41 views

CVE-2021-22467

A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.

5.5CVSS5.3AI score0.00025EPSS
Total number of security vulnerabilities120