Harmonyos Security Vulnerabilities and Issues — Harmonyos CVE List

Lucene search

HuaweiHarmonyos

58 matches found

CVE•added 2024/02/18 3:15 a.m.•7037 views

CVE-2023-52363

Vulnerability of defects introduced in the design process in the Control Panel module.Successful exploitation of this vulnerability may cause app processes to be started by mistake.

6.3CVSS6.6AI score0.00038EPSS

CVE•added 2024/02/18 3:15 a.m.•6476 views

CVE-2023-52358

Vulnerability of configuration defects in some APIs of the audio module.Successful exploitation of this vulnerability may affect availability.

6.2CVSS6.7AI score0.00022EPSS

CVE•added 2024/04/08 10:15 a.m.•56 views

CVE-2023-52364

Vulnerability of input parameters being not strictly verified in the RSMC module.Impact: Successful exploitation of this vulnerability may cause out-of-bounds write.

6.3CVSS6.8AI score0.00043EPSS

CVE•added 2023/04/16 8:15 a.m.•54 views

CVE-2022-48314

The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.

6.5CVSS6.4AI score0.00013EPSS

CVE•added 2024/04/08 9:15 a.m.•52 views

CVE-2023-52543

Permission verification vulnerability in the system module.Impact: Successful exploitation of this vulnerability will affect availability.

6.2CVSS6.8AI score0.00018EPSS

CVE•added 2024/04/08 9:15 a.m.•51 views

CVE-2023-52554

Permission control vulnerability in the Bluetooth module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.

6.5CVSS6.8AI score0.00025EPSS

CVE•added 2025/04/07 4:15 a.m.•51 views

CVE-2025-31171

File read permission bypass vulnerability in the kernel file system moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.8CVSS6.5AI score0.00009EPSS

CVE•added 2024/06/14 8:15 a.m.•50 views

CVE-2024-36499

Vulnerability of unauthorized screenshot capturing in the WMS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.8CVSS6.9AI score0.00028EPSS

CVE•added 2024/12/12 12:15 p.m.•50 views

CVE-2024-54101

Denial of service (DoS) vulnerability in the installation moduleImpact: Successful exploitation of this vulnerability will affect availability.

6.2CVSS6.9AI score0.00032EPSS

CVE•added 2024/04/08 9:15 a.m.•49 views

CVE-2023-52542

Permission verification vulnerability in the system module.Impact: Successful exploitation of this vulnerability will affect availability.

6.5CVSS6.8AI score0.00049EPSS

CVE•added 2023/03/27 10:15 p.m.•48 views

CVE-2022-48291

The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.

6.5CVSS6.7AI score0.00015EPSS

CVE•added 2024/12/12 12:15 p.m.•48 views

CVE-2024-54102

Race condition vulnerability in the DDR moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.1CVSS6.9AI score0.0002EPSS

CVE•added 2022/07/12 2:15 p.m.•47 views

CVE-2022-34740

The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.

6.5CVSS6.7AI score0.00033EPSS

CVE•added 2023/02/09 5:15 p.m.•47 views

CVE-2022-48292

The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

6.5CVSS6.5AI score0.00035EPSS

CVE•added 2023/01/06 8:15 p.m.•46 views

CVE-2022-47974

The Bluetooth AVRCP module has a vulnerability that can lead to DoS attacks.Successful exploitation of this vulnerability may cause the Bluetooth process to restart.

6.5CVSS6.4AI score0.00034EPSS

CVE•added 2024/09/04 3:15 a.m.•46 views

CVE-2024-8298

Memory request vulnerability in the memory management moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS7.2AI score0.00022EPSS

CVE•added 2025/05/06 8:15 a.m.•46 views

CVE-2025-46590

Bypass vulnerability in the network search instruction authentication moduleImpact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions.

6.5CVSS7.2AI score0.0004EPSS

CVE•added 2023/03/27 10:15 p.m.•45 views

CVE-2022-48355

The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash.

6.5CVSS6.3AI score0.00037EPSS

CVE•added 2024/04/08 10:15 a.m.•45 views

CVE-2023-52385

Out-of-bounds write vulnerability in the RSMC module.Impact: Successful exploitation of this vulnerability will affect availability.

6.2CVSS6.8AI score0.00019EPSS

CVE•added 2025/05/06 8:15 a.m.•44 views

CVE-2025-46591

Out-of-bounds data read vulnerability in the authorization moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.9AI score0.00009EPSS

CVE•added 2023/02/09 5:15 p.m.•43 views

CVE-2022-48293

The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

6.5CVSS6.5AI score0.00035EPSS

CVE•added 2024/11/05 10:21 a.m.•43 views

CVE-2024-51525

Permission control vulnerability in the clipboard moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.5AI score0.00017EPSS

CVE•added 2025/03/04 8:15 a.m.•43 views

CVE-2025-27521

Vulnerability of improper access permission in the process management moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.8CVSS6.6AI score0.00011EPSS

CVE•added 2022/07/12 2:15 p.m.•42 views

CVE-2022-34741

The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation.

6.5CVSS6.7AI score0.00033EPSS

CVE•added 2024/07/25 12:15 p.m.•42 views

CVE-2024-39674

Plaintext vulnerability in the Gallery search module.Impact: Successful exploitation of this vulnerability will affect availability.

6.2CVSS7.1AI score0.00013EPSS

CVE•added 2024/09/27 11:15 a.m.•42 views

CVE-2024-47292

Path traversal vulnerability in the Bluetooth moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS7AI score0.00039EPSS

CVE•added 2023/04/16 8:15 a.m.•41 views

CVE-2022-48313

The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.

6.5CVSS6.4AI score0.00013EPSS

CVE•added 2024/08/08 10:15 a.m.•41 views

CVE-2024-42034

LaunchAnywhere vulnerability in the account module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.

6.6CVSS7AI score0.00021EPSS

CVE•added 2024/11/05 12:15 p.m.•41 views

CVE-2024-51530

LaunchAnywhere vulnerability in the account moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.6CVSS7AI score0.00026EPSS

CVE•added 2025/05/06 8:15 a.m.•41 views

CVE-2025-46587

Permission control vulnerability in the media library moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.3AI score0.00009EPSS

CVE•added 2023/03/27 10:15 p.m.•39 views

CVE-2022-48354

The Bluetooth module has a heap out-of-bounds write vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash.

6.5CVSS6.5AI score0.00037EPSS

CVE•added 2024/07/25 12:15 p.m.•39 views

CVE-2024-39670

Privilege escalation vulnerability in the account synchronisation module.Impact: Successful exploitation of this vulnerability will affect availability.

6.2CVSS7.4AI score0.00021EPSS

CVE•added 2024/08/08 9:15 a.m.•39 views

CVE-2024-42030

Access permission verification vulnerability in the content sharing pop-up moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.3AI score0.00023EPSS

CVE•added 2024/12/12 1:15 p.m.•39 views

CVE-2024-54122

Concurrent variable access vulnerability in the ability moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.2CVSS6.3AI score0.00009EPSS

CVE•added 2025/01/08 4:15 a.m.•39 views

CVE-2024-56456

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.8CVSS6.9AI score0.00012EPSS

CVE•added 2025/05/06 8:15 a.m.•39 views

CVE-2024-58252

Vulnerability of insufficient information protection in the media library moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.2AI score0.00009EPSS

CVE•added 2024/05/14 3:37 p.m.•38 views

CVE-2024-32996

Privilege escalation vulnerability in the account moduleImpact: Successful exploitation of this vulnerability will affect availability.

6.2CVSS7.1AI score0.00044EPSS

CVE•added 2024/11/05 9:15 a.m.•37 views

CVE-2024-51512

Vulnerability of parameter type not being verified in the WantAgent moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.2CVSS6.9AI score0.00025EPSS

CVE•added 2025/06/06 7:15 a.m.•37 views

CVE-2025-48908

Ability Auto Startup service vulnerability in the foundation processImpact: Successful exploitation of this vulnerability may affect availability.

6.7CVSS6.9AI score0.00007EPSS

CVE•added 2024/08/08 8:15 a.m.•36 views

CVE-2023-7265

Permission verification vulnerability in the lock screen moduleImpact: Successful exploitation of this vulnerability may affect availability

6.2CVSS4.4AI score0.00021EPSS

CVE•added 2024/11/05 10:21 a.m.•36 views

CVE-2024-51522

Vulnerability of improper device information processing in the device management moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.2CVSS6.8AI score0.00013EPSS

CVE•added 2025/06/06 7:15 a.m.•36 views

CVE-2025-48907

Deserialization vulnerability in the IPC moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.2CVSS7.1AI score0.00009EPSS

CVE•added 2021/12/08 3:15 p.m.•35 views

CVE-2021-37039

There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause Bluetooth DoS.

6.5CVSS6.5AI score0.00052EPSS

CVE•added 2024/11/05 9:15 a.m.•35 views

CVE-2024-51515

Race condition vulnerability in the kernel network moduleImpact:Successful exploitation of this vulnerability may affect availability.

6.2CVSS6.3AI score0.00008EPSS

CVE•added 2025/03/04 8:15 a.m.•35 views

CVE-2024-58050

Vulnerability of improper access permission in the HDC moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.

6.2CVSS6.3AI score0.00011EPSS

CVE•added 2025/06/06 7:15 a.m.•35 views

CVE-2025-48902

Vulnerability of uncontrolled system resource applications in the setting moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.6CVSS6.9AI score0.00007EPSS

CVE•added 2025/06/06 7:15 a.m.•35 views

CVE-2025-48904

Vulnerability that cards can call unauthorized APIs in the FRS processImpact: Successful exploitation of this vulnerability may affect availability.

6.2CVSS6.9AI score0.00007EPSS

CVE•added 2024/05/14 2:23 p.m.•34 views

CVE-2023-52721

The WindowManager module has a vulnerability in permission control.Impact: Successful exploitation of this vulnerability may affect confidentiality.

6.2CVSS6.8AI score0.00053EPSS

CVE•added 2025/01/08 4:15 a.m.•34 views

CVE-2024-56450

Buffer overflow vulnerability in the component driver moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.3CVSS7.2AI score0.00011EPSS

CVE•added 2025/01/08 4:15 a.m.•34 views

CVE-2024-56453

Vulnerability of input parameters not being verified during glTF model loading in the 3D engine moduleImpact: Successful exploitation of this vulnerability may affect availability.

6.8CVSS6.9AI score0.00012EPSS

Total number of security vulnerabilities58