276 matches found
CVE-2022-31757
Technical details, affected products, and remediation are not publicly provided in the supplied documents. Monitor updates from Red Hat, NVD, and other sources for concrete impact and fixes.
CVE-2022-22253
CVE-2022-22253 affects Huawei HarmonyOS’s DFX module , where an vulnerability stems from improper validation of integrity check values . This can lead to system instability if exploitable. Connected sources (Red Hat, NVD, CNVD, etc.) reiterate the same description without detailing a specific pat...
CVE-2022-22256
CVE-2022-22256 affects Huawei HarmonyOS, specifically the DFX module, which has an access control error. The vulnerability arises from inadequate restriction of resources to unauthorized roles, with potential impact on data confidentiality. Public references in the dataset describe the issue cons...
CVE-2021-40045
CVE-2021-40045 concerns Huawei HarmonyOS (Wearables recovery upgrade system) where the signature verification mechanism can fail during system upgrade in recovery mode. The underlying vulnerability is a signature verification failure that can affect confidentiality of service. The NVD entry notes...
CVE-2021-22434
CVE-2021-22434 is described as a memory address out-of-bounds vulnerability in smartphones that can enable malicious code execution. Public records reference Huawei HarmonyOS and Huawei bulletin updates as mitigation, indicating the issue affected HarmonyOS-based devices and was addressed in vend...
CVE-2021-22432
CVE-2021-22432 affects Huawei HarmonyOS smartphones where a vulnerability in permission isolation can lead to out-of-bounds access. Connected sources cite a Huawei HarmonyOS buffer error vulnerability in some products; however, detailed affected versions, vulnerable component specifics, exploit i...
CVE-2021-40044
CVE-2021-40044 involves a permission verification vulnerability in the Bluetooth module, with Huawei EMUI as the affected context. The underlying issue is in the Bluetooth permission check, enabling unauthorized operations if exploited. NVD lists CVSSv3.1 base score 8.8 (HIGH) with adjacent attac...
CVE-2021-40047
The CVE-2021-40047 entry relates to Huawei EMUI and Magic UI Bastet modules, where a memory is not released after its effective lifetime. The vulnerability affects the Bastet component and may impact integrity if exploited. Exploitation details, affected versions, and a remediation/patch are not ...
CVE-2021-22394
CVE-2021-22394 concerns a buffer overflow in HarmonyOS smartphones that may cause DoS of apps during Multi-Screen Collaboration. The Connected documents corroborate a buffer-overflow issue affecting smartphones, but do not provide concrete patched versions, vulnerable component details, exploit s...
CVE-2021-40055
CVE-2021-40055 describes a man-in-the-middle attack vulnerability during system update download in recovery mode that can compromise integrity. Connected records corroborate this as a MITM issue affecting Huawei EMUI and Magic UI (Android-based). The NVD details indicate impact to integrity (I) a...
CVE-2021-40059
CVE-2021-40059 is linked to Huawei Huawei Emui and Magic UI Wi-Fi modules, with a privilege control vulnerability in the Wi‑Fi component. CNVD-2022-20299 describes a privilege control flaw that could be exploited by attackers to obtain sensitive information from these Wi‑Fi modules, indicating th...
CVE-2021-40052
The connected CNVD-2022-20292 and CNNVD-202203-984 entries indicate Huawei EMUI and Magic UI are affected by an incorrect buffer size calculation vulnerability in the video framework, described as impacting usability. No specific affected versions are provided in these documents. A PT-2022-11173 ...
CVE-2021-40054
CVE-2021-40054 corresponds to an integer underflow in the atcmdserver module reported in Huawei Emui and Magic UI environments (atcmdserver). The vulnerability affects integrity and has a high severity in CVSS terms (network vector, low attack complexity, no privileges required, no user interacti...
CVE-2021-22431
CVE-2021-22431 describes a vulnerability in Huawei HarmonyOS smartphones where misconfiguration of permission isolation can lead to out-of-bounds access. Red Hat/RedHat-like and other feeds corroborate the issue across multiple sources; the vulnerability affects HarmonyOS-based devices and is cha...
CVE-2021-37103
CVE-2021-37103 involves an improper permission management vulnerability in Huawei HUAWEI EMUI/Magic UI Wallet apps (UIWallet). The root cause described across connected records is incorrect handling of privileges by the Wallet UI components, potentially enabling confidentiality impacts on service...
CVE-2021-40049
Technical details (affected products, vulnerable components, root cause, and fixes) are not provided in the supplied documents; monitor vendor advisories for updates.
CVE-2021-40053
CVE-2021-40053 affects Huawei EMUI and Huawei Magic UI Nearby modules. Connected CNVD entry describes vulnerability as an authorization issue in the Nearby module, with potential impact to availability and integrity. Other sources similarly reference a permissions/control weakness in the Nearby m...
CVE-2022-22257
CVE-2022-22257 affects Huawei HarmonyOS through the customization framework, with root cause described as improper permission control/improper privilege restrictions. Multiple connected sources (NVD, Red Hat, CNVD and others) describe potential impact to data/system integrity but do not provide p...
CVE-2022-22258
CVE-2022-22258 (Huawei HarmonyOS) concerns a privilege-elevation flaw in the Wi‑Fi module’s event notification path. The vulnerability could allow third-party apps to intercept event notifications and inject information, enabling elevation of privilege. Connected sources describe the issue as a w...
CVE-2021-22395
The CVE-2021-22395 item describes a code-injection vulnerability in Huawei HarmonyOS smartphones. Connected sources confirm impact on confidentiality and identify Huawei HarmonyOS as affected (some Huawei products). NVD metrics show a CVSS v3.1 base score of 7.5 (Network, Low attack complexity, N...
CVE-2021-22433
CVE-2021-22433 concerns a memory address out-of-bounds (buffer error) vulnerability associated with Huawei HarmonyOS devices and related smartphone implementations. Reported impact across sources is potential arbitrary code execution upon successful exploitation, with exploit details not provided...
CVE-2021-22448
The CVE-2021-22448 entry concerns an improper verification vulnerability described as allowing unauthorized read/write of certain files in smartphones. Connected documents specifically relate Huawei EMUI and Magic UI on Android, indicating affected platforms likely include Huawei-derived Android ...
CVE-2021-40051
Technical details (affected products, versions, root cause, exploits, or fixes) are not publicly provided in the connected documents for CVE-2021-40051. Monitor for updates.
CVE-2021-22429
CVE-2021-22429 affects Huawei HarmonyOS smartphones/tablets with a memory address out-of-bounds error. The vulnerability, if exploited, could allow malicious code execution. Public references (Huawei HarmonyOS bulletins, Red Hat/Red Hat advisory, NVD) confirm the issue but the supplied documents ...
CVE-2021-40048
CVE-2021-40048 is described as an incorrect buffer size calculation vulnerability in the video framework. The available connected documents corroborate this description, noting impact to availability. The NVD entry lists a high CVSS score (3.1: 7.5, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and specif...
CVE-2021-22430
CVE-2021-22430 describes a logic bypass in Huawei HarmonyOS affecting phones and tablets, enabling a code injection condition. Connected sources indicate HarmonyOS-derived vulnerabilities with potential for arbitrary code execution, but the documents do not specify affected versions, exact vulner...
CVE-2021-40015
CVE-2021-40015 concerns a race condition in the binder driver subsystem of the kernel, with Huawei HarmonyOS Wearables kernel references appearing in connected sources. The vulnerability is described as potentially affecting kernel stability upon successful exploitation. Connected documents confi...
CVE-2021-40057
CVE-2021-40057 is linked to Huawei EMUI/Magic UI video framework and is described in connected documents as a heap-based and stack-based buffer overflow vulnerability that can impact availability. The affected product surface is Huawei EMUI and Magic UI video framework; root cause details are not...
CVE-2021-22319
CVE-2021-22319 affects Huawei HarmonyOS smartphones. The connected sources confirm an input validation/improper verification vulnerability in HarmonyOS components, which can lead to integer overflows. Root cause appears to be validation checks not properly handling edge cases, enabling overflow c...
CVE-2021-37027
CVE-2021-37027 is a DoS vulnerability reported across multiple feeds affecting Huawei EMUI/Magic UI on Android smartphones. Descriptions consistently state that exploitation may disrupt service availability and compromise service integrity. Public documents do not provide specific vulnerable comp...
CVE-2021-40061
CVE-2021-40061 : Type confusion in the Bastet module causes resource access via an incompatible type, with reported impact to integrity. Connected documents confirm the vulnerability name and general root cause but do not provide concrete exploit vectors, affected versions, or remediation steps. ...
CVE-2021-40060
The vulnerability (CVE-2021-40060) affects Huawei EMUI and Magic UI on Android, specifically the video framework’s heap-based buffer overflow.Root cause: heap-based overflow in the video framework. Impact: could affect availability. No exploitation details or explicit fixes are provided in the co...
CVE-2021-40064
CVE-2021-40064 is linked in connected documents to Huawei EMUI and Magic UI (Android-based) with a heap-based buffer overflow in system components. The root cause described across CNVD/CNNVD and Red Hat entries is a heap overflow that can affect stability/availability, potentially enabling a deni...
CVE-2022-31753
The CVE-2022-31753 entry describes a vulnerability in the voice wakeup module where externally-controlled format strings can be exploited, potentially impacting system availability. Connected sources attribute the issue to Huawei/HarmonyOS implementations (notably HarmonyOS 2.0) and reiterate tha...
CVE-2022-29793
CVE-2022-29793 concerns Huawei HarmonyOS activation-lock configuration defect. The vulnerability allows a network-accessible attacker to cause denial of service by impacting the activation-lock mechanism, leading to application availability degradation. Public details across sources confirm the d...
CVE-2021-22335
CVE-2021-22335 describes a memory buffer issue in Huawei Smartphone (Huawei EMUI/Magic UI). The vulnerability, labeled as memory buffer improper operation limit (also reflected as a heap overflow in several sources), can cause exceptions in image processing when exploited locally. Connected docum...
CVE-2021-22426
CVE-2021-22426 describes a memory address out-of-bounds (buffer error) vulnerability in smartphones, with multiple sources noting potential for malicious code execution upon successful exploitation. The connected documents identify Huawei HarmonyOS as affected (Huawei/HarmonyOS context) and refer...
CVE-2021-40058
CVE-2021-40058 describes a heap-based buffer overflow vulnerability in Huawei EMUI/Magic UI video framework. Evidence across connected documents shows the flaw is located in the video framework’s code path, with exploitation potentially impacting availability. The CVE entry itself notes the vulne...
CVE-2021-40063
Technical details for CVE-2021-40063 are not publicly available in the provided documents. Monitor for updates.
CVE-2021-46742
The CVE-2021-46742 entry concerns Huawei HarmonyOS’s multi-window module, where unauthorized insertion and tampering of Settings.Secure data could affect availability. Public details in the documents indicate this affects HarmonyOS components related to the multi-window module, with no explicit e...
CVE-2021-46787
Summary: CVE-2021-46787 affects the AMS module of Huawei/HarmonyOS, where an improper permission control could let non-system processes crash. The vulnerability is documented across multiple feeds (including OSV Ubuntu, CNVD, CNNVD, and Nessus plugins) with consistent description of the AMS modul...
CVE-2021-22489
Technical details about CVE-2021-22489 are not publicly provided in the supplied documents. Information is limited to a generic DoS description; monitor for updates from Red Hat, NVD, ENISA/EUVD and related vendors.
CVE-2022-31762
The CVE-2022-31762 entry concerns the AMS module with an input validation vulnerability that can lead to privilege escalation. Based on the documents, the vulnerability is local with low attack complexity; potential impacts include confidentiality, integrity, and availability being partially/high...
CVE-2021-46786
CVE-2021-46786 relates to Huawei/HarmonyOS, specifically the audio module in the HarmonyOS kernel. Connected sources describe a vulnerability where the audio component fails to properly verify parameters passed from the application space, leading to out-of-bounds memory access. The issue is frame...
CVE-2021-40056
The CVE-2021-40056 entry concerns Huawei EMUI/Magic UI where the video framework copies an input buffer without verifying its size, leading to a denial-of-service condition (availability impact). Connected CNVD-2022-20298 describes the same root cause in Huawei EMUI and Magic UI. Specific affecte...
CVE-2021-22437
Huawei EMUI and Magic UI (Android-based) are affected by a software integer overflow that creates a TOCTOU condition, potentially allowing random address access on compromised devices. The issue concerns the kernel/app logic leading to this overflow and is described consistently across multiple s...
CVE-2021-46741
Technical details about CVE-2021-46741 are not publicly available in the provided documents. Monitor for updates from vendors and security bulletins to determine affected products, impact, and fixes.
CVE-2021-46814
The CVE-2021-46814 entry concerns Huawei HarmonyOS’ video framework, described as having an out-of-bounds memory read/write vulnerability that can affect system availability when exploited. Connected sources corroborate a vulnerability in the video framework with out-of-bounds memory access as th...
CVE-2022-31755
CVE-2022-31755 affects Huawei HarmonyOS in the communication module, where improper permission preservation enables conditions that may impact system availability. The connected sources consistently describe the issue as a permission retention flaw in the communication module, without specifying ...
CVE-2022-31758
CVE-2022-31758 involves a race-condition in the kernel module that can affect data confidentiality. The core issue is a race condition in the kernel module, as reported by NVD/Red Hat/CVE lists and Huawei/ENISA/CNVD references. Impact is described as potential data confidentiality breach; attack ...