Search
Total
303 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-37045 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 10.0 HIGH | 9.8 CRITICAL |
| There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed. | |||||
| CVE-2021-22453 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 2.1 LOW | 3.3 LOW |
| A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash. | |||||
| CVE-2021-22470 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| A component of the HarmonyOS has a Privileges Controls vulnerability. Local attackers may exploit this vulnerability to expand the Recording Trusted Domain. | |||||
| CVE-2021-22430 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection. | |||||
| CVE-2021-39980 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could lead to sensitive information disclosure. | |||||
| CVE-2021-46785 | 1 Huawei | 2 Emui, Harmonyos | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Property module has a vulnerability in permission control.This vulnerability can be exploited to obtain the unique device identifier. | |||||
| CVE-2021-46742 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 6.4 MEDIUM | 9.1 CRITICAL |
| The multi-window module has a vulnerability of unauthorized insertion and tampering of Settings.Secure data.Successful exploitation of this vulnerability may affect the availability. | |||||
| CVE-2021-39972 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability.Successful exploitation of this vulnerability could compromise confidentiality. | |||||
| CVE-2021-37091 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. | |||||
| CVE-2021-37058 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user's nickname is maliciously tampered with. | |||||
| CVE-2021-37093 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to attackers steal short messages. | |||||
| CVE-2021-37075 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Credentials Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to confidentiality affected. | |||||
| CVE-2021-37068 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Resource Management Errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to denial of Service Attacks. | |||||
| CVE-2021-37113 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Privilege escalation vulnerability with the file system component in Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-37040 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 6.8 MEDIUM | 9.8 CRITICAL |
| There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting. | |||||
| CVE-2022-31751 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-31762 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation. | |||||
| CVE-2022-31755 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2021-40036 | 1 Huawei | 1 Harmonyos | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution. | |||||
| CVE-2022-31760 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-27 | 6.4 MEDIUM | 9.1 CRITICAL |
| Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality. | |||||
| CVE-2022-31757 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-31753 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2021-46811 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information. | |||||
| CVE-2022-31758 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-21 | 1.9 LOW | 4.7 MEDIUM |
| The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-46812 | 1 Huawei | 2 Emui, Harmonyos | 2022-06-18 | 5.0 MEDIUM | 7.5 HIGH |
| The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity. | |||||
| CVE-2022-31763 | 1 Huawei | 2 Emui, Harmonyos | 2022-06-18 | 4.9 MEDIUM | 5.5 MEDIUM |
| The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-31759 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-18 | 2.1 LOW | 5.5 MEDIUM |
| AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-31756 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-18 | 2.1 LOW | 5.5 MEDIUM |
| The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-29793 | 1 Huawei | 2 Emui, Harmonyos | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability. | |||||
| CVE-2022-22252 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-05-26 | 7.8 HIGH | 7.5 HIGH |
| The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability. | |||||
| CVE-2021-46786 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-05-23 | 7.5 HIGH | 9.8 CRITICAL |
| The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||||
| CVE-2021-46787 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash. | |||||
| CVE-2022-22260 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 6.4 MEDIUM | 9.1 CRITICAL |
| The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability. | |||||
| CVE-2022-29789 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-22261 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-29791 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-29790 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions. | |||||
| CVE-2022-29792 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-29794 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 7.5 HIGH | 9.8 CRITICAL |
| The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. | |||||
| CVE-2022-29796 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-29795 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. | |||||
| CVE-2022-22258 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege. | |||||
| CVE-2021-40010 | 1 Huawei | 1 Harmonyos | 2022-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution. | |||||
| CVE-2021-22420 | 1 Huawei | 1 Harmonyos | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
| A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause the underlying trust of the application trustlist mechanism is missing.. | |||||
| CVE-2021-22454 | 1 Huawei | 1 Harmonyos | 2022-05-03 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump. | |||||
| CVE-2021-22465 | 1 Huawei | 1 Harmonyos | 2022-05-03 | 2.1 LOW | 5.5 MEDIUM |
| A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable. | |||||
| CVE-2021-22468 | 1 Huawei | 1 Harmonyos | 2022-05-03 | 2.1 LOW | 3.3 LOW |
| A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Local attackers may exploit this vulnerability to cause kernel address leakage. | |||||
| CVE-2021-37023 | 1 Huawei | 1 Harmonyos | 2022-05-03 | 6.4 MEDIUM | 6.5 MEDIUM |
| There is a Improper Access Control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause media files which can be reads and writes in non-distributed directories on any device on the network.. | |||||
| CVE-2021-40011 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-04-25 | 5.0 MEDIUM | 7.5 HIGH |
| There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity. | |||||
| CVE-2021-40045 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-02-16 | 2.1 LOW | 5.5 MEDIUM |
| There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality. | |||||