Filtered by vendor Huawei
Subscribe
Search
Total
644 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-48297 | 1 Huawei | 2 Emui, Harmonyos | 2023-08-08 | N/A | 7.5 HIGH |
| The geofencing kernel code has a vulnerability of not verifying the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||||
| CVE-2021-39969 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2022-48286 | 1 Huawei | 2 Emui, Harmonyos | 2023-08-08 | N/A | 7.5 HIGH |
| The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-48302 | 1 Huawei | 2 Emui, Harmonyos | 2023-08-08 | N/A | 7.5 HIGH |
| The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-48298 | 1 Huawei | 2 Emui, Harmonyos | 2023-08-08 | N/A | 7.5 HIGH |
| The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||||
| CVE-2022-22254 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-40012 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality. | |||||
| CVE-2021-40051 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality. | |||||
| CVE-2021-40005 | 1 Huawei | 1 Harmonyos | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-37133 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Unauthorized file access vulnerability in Smartphones.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2022-44550 | 1 Huawei | 2 Emui, Harmonyos | 2023-08-08 | N/A | 7.5 HIGH |
| The graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-44549 | 1 Huawei | 2 Emui, Harmonyos | 2023-08-08 | N/A | 7.5 HIGH |
| The LBS module has a vulnerability in geofencing API access. Successful exploitation of this vulnerability may cause third-party apps to access the geofencing APIs without authorization, affecting user confidentiality. | |||||
| CVE-2021-39971 | 1 Huawei | 1 Harmonyos | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Password vault has a External Control of System or Configuration Setting vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. | |||||
| CVE-2021-37014 | 1 Huawei | 1 Harmonyos | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Stack-based Buffer Overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to device cannot be used properly. | |||||
| CVE-2021-46814 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| The video framework has an out-of-bounds memory read/write vulnerability. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-48261 | 1 Huawei | 2 Bisheng-wnm, Bisheng-wnm Firmware | 2023-08-08 | N/A | 7.5 HIGH |
| There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation of this vulnerability may cause the printer service to be abnormal. | |||||
| CVE-2021-22437 | 1 Huawei | 2 Emui, Magic Ui | 2023-08-08 | 6.9 MEDIUM | 7.0 HIGH |
| There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access. | |||||
| CVE-2021-37078 | 1 Huawei | 1 Harmonyos | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to remote Denial of Service. | |||||
| CVE-2022-48230 | 1 Huawei | 2 Bisheng-wnm, Bisheng-wnm Firmware | 2023-08-08 | N/A | 7.5 HIGH |
| There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to DoS. | |||||
| CVE-2021-22406 | 1 Huawei | 2 Emui, Magic Ui | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly. | |||||
| CVE-2021-33656 | 2 Huawei, Linux | 2 Openeuler, Linux Kernel | 2022-07-28 | N/A | 7.8 HIGH |
| When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds. | |||||
| CVE-2022-34742 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-19 | 5.0 MEDIUM | 7.5 HIGH |
| The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-34743 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-19 | 5.0 MEDIUM | 7.5 HIGH |
| The AT commands of the USB port have an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-34739 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-19 | 5.0 MEDIUM | 7.5 HIGH |
| The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings. | |||||
| CVE-2022-34738 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-19 | 5.0 MEDIUM | 7.5 HIGH |
| The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background. | |||||
| CVE-2022-34736 | 1 Huawei | 2 Emui, Harmonyos | 2022-07-19 | 7.8 HIGH | 7.5 HIGH |
| The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. | |||||
| CVE-2022-34735 | 1 Huawei | 2 Emui, Harmonyos | 2022-07-19 | 7.8 HIGH | 7.5 HIGH |
| The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. | |||||
| CVE-2021-46741 | 1 Huawei | 2 Emui, Harmonyos | 2022-07-18 | 5.0 MEDIUM | 7.5 HIGH |
| The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity. | |||||
| CVE-2021-39999 | 1 Huawei | 2 Ese620x Vess, Ese620x Vess Firmware | 2022-07-15 | 7.8 HIGH | 7.5 HIGH |
| There is a buffer overflow vulnerability in eSE620X vESS V100R001C10SPC200 and V100R001C20SPC200. An attacker can exploit this vulnerability by sending a specific message to the target device due to insufficient validation of packets. Successful exploit could cause a denial of service condition. | |||||
| CVE-2021-37091 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. | |||||
| CVE-2021-22370 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-36991 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access. | |||||
| CVE-2021-22449 | 1 Huawei | 1 Elf-g10hn | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the target device. | |||||
| CVE-2021-22334 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 3.3 LOW | 7.4 HIGH |
| There is an Improper Access Control vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause app redirections. | |||||
| CVE-2021-37109 | 1 Huawei | 1 Emui | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| There is a security protection bypass vulnerability with the modem.Successful exploitation of this vulnerability may cause memory protection failure. | |||||
| CVE-2021-39972 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. | |||||
| CVE-2021-22446 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
| There is an Information Disclosure Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset. | |||||
| CVE-2021-37075 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. | |||||
| CVE-2021-22309 | 1 Huawei | 8 Usg9500, Usg9500 Firmware, Usg9520 and 5 more | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions V500R001C30SPC200, V500R001C60SPC500,V500R005C00SPC200;USG9520 versions V500R005C00;USG9560 versions V500R005C00;USG9580 versions V500R005C00. | |||||
| CVE-2021-22328 | 1 Huawei | 8 Cloudengine 12800, Cloudengine 12800 Firmware, Cloudengine 5800 and 5 more | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a denial of service vulnerability in some huawei products. In specific scenarios, due to the improper handling of the packets, an attacker may craft the specific packet. Successful exploit may cause some services abnormal. Affected product versions include:CloudEngine 12800 V200R005C00SPC800, CloudEngine 5800 V200R005C00SPC800, CloudEngine 6800 V200R005C00SPC800, CloudEngine 7800 V200R005C00SPC800. | |||||
| CVE-2021-39976 | 1 Huawei | 2 Cloudengine 5800, Cloudengine 5800 Firmware | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| There is a privilege escalation vulnerability in CloudEngine 5800 V200R020C00SPC600. Due to lack of privilege restrictions, an authenticated local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. | |||||
| CVE-2021-37038 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-22314 | 1 Huawei | 1 Manageone | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| There is a local privilege escalation vulnerability in some versions of ManageOne. A local authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service. | |||||
| CVE-2021-37113 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-22299 | 1 Huawei | 5 Imaster Mae-m, Manageone, Network Functions Virtualization Fusionsphere and 2 more | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220. | |||||
| CVE-2021-40044 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.8 MEDIUM | 8.8 HIGH |
| There is a permission verification vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may cause unauthorized operations. | |||||
| CVE-2021-22324 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Credentials Management Errors vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may impair data confidentiality. | |||||
| CVE-2021-22292 | 1 Huawei | 2 Ecns280, Ecns280 Firmware | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
| There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS. | |||||
| CVE-2021-22488 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups. | |||||
| CVE-2021-37068 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Resource Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of Service Attacks. | |||||