Filtered by vendor Huawei
Subscribe
Search
Total
1474 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22488 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups. | |||||
| CVE-2021-22449 | 1 Huawei | 1 Elf-g10hn | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthenticated attacker could perform specific operations to exploit this vulnerability. Due to insufficient security design, successful exploit could allow an attacker to add users to be friends without prompting in the target device. | |||||
| CVE-2021-22370 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-37038 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2021-22409 | 1 Huawei | 1 Manageone | 2022-07-12 | 3.5 LOW | 5.3 MEDIUM |
| There is a denial of service vulnerability in some versions of ManageOne. There is a logic error in the implementation of a function of a module. When the service pressure is heavy, there is a low probability that an exception may occur. Successful exploit may cause some services abnormal. | |||||
| CVE-2021-22309 | 1 Huawei | 8 Usg9500, Usg9500 Firmware, Usg9520 and 5 more | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions V500R001C30SPC200, V500R001C60SPC500,V500R005C00SPC200;USG9520 versions V500R005C00;USG9560 versions V500R005C00;USG9580 versions V500R005C00. | |||||
| CVE-2021-37058 | 1 Huawei | 1 Harmonyos | 2022-07-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to the user's nickname is maliciously tampered with. | |||||
| CVE-2021-37045 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 10.0 HIGH | 9.8 CRITICAL |
| There is an UAF vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart unexpectedly and the kernel-mode code to be executed. | |||||
| CVE-2021-37040 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 6.8 MEDIUM | 9.8 CRITICAL |
| There is a Parameter injection vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause privilege escalation of files after CIFS share mounting. | |||||
| CVE-2021-36991 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
| There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access. | |||||
| CVE-2021-22299 | 1 Huawei | 5 Imaster Mae-m, Manageone, Network Functions Virtualization Fusionsphere and 2 more | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. Affected product versions include: ManageOne versions 6.5.0,6.5.0.SPC100.B210,6.5.1.1.B010,6.5.1.1.B020,6.5.1.1.B030,6.5.1.1.B040,6.5.1.SPC100.B050,6.5.1.SPC101.B010,6.5.1.SPC101.B040,6.5.1.SPC200,6.5.1.SPC200.B010,6.5.1.SPC200.B030,6.5.1.SPC200.B040,6.5.1.SPC200.B050,6.5.1.SPC200.B060,6.5.1.SPC200.B070,6.5.1RC1.B060,6.5.1RC2.B020,6.5.1RC2.B030,6.5.1RC2.B040,6.5.1RC2.B050,6.5.1RC2.B060,6.5.1RC2.B070,6.5.1RC2.B080,6.5.1RC2.B090,6.5.RC2.B050,8.0.0,8.0.0-LCND81,8.0.0.SPC100,8.0.1,8.0.RC2,8.0.RC3,8.0.RC3.B041,8.0.RC3.SPC100; NFV_FusionSphere versions 6.5.1.SPC23,8.0.0.SPC12; SMC2.0 versions V600R019C00,V600R019C10; iMaster MAE-M versions MAE-TOOL(FusionSphereBasicTemplate_Euler_X86)V100R020C10SPC220. | |||||
| CVE-2021-22351 | 1 Huawei | 2 Emui, Magic Ui | 2022-07-12 | 5.5 MEDIUM | 8.1 HIGH |
| There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions. | |||||
| CVE-2021-22292 | 1 Huawei | 2 Ecns280, Ecns280 Firmware | 2022-07-12 | 7.8 HIGH | 7.5 HIGH |
| There is a denial of service (DoS) vulnerability in eCNS280 versions V100R005C00, V100R005C10. Due to a design defect, remote unauthorized attackers send a large number of specific messages to affected devices, causing system resource exhaustion and web application DoS. | |||||
| CVE-2021-22430 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection. | |||||
| CVE-2022-31762 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation. | |||||
| CVE-2022-31751 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-31755 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2021-40036 | 1 Huawei | 1 Harmonyos | 2022-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution. | |||||
| CVE-2022-31760 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-27 | 6.4 MEDIUM | 9.1 CRITICAL |
| Dialog boxes can still be displayed even if the screen is locked in carrier-customized USSD services. Successful exploitation of this vulnerability may affect data integrity and confidentiality. | |||||
| CVE-2022-31757 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| The setting module has a vulnerability of improper use of APIs. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-31753 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2021-46813 | 1 Huawei | 2 Emui, Magic Ui | 2022-06-27 | 5.0 MEDIUM | 7.5 HIGH |
| Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2021-46811 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this vulnerability may cause disclosure of the Card Production Life Cycle (CPLC) information. | |||||
| CVE-2022-31758 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-21 | 1.9 LOW | 4.7 MEDIUM |
| The kernel module has the race condition vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-29798 | 1 Huawei | 2 Cv81-wdm, Cv81-wdm Firmware | 2022-06-18 | 7.8 HIGH | 7.5 HIGH |
| There is a denial of service vulnerability in CV81-WDM FW versions 01.70.49.29.46. Successful exploitation could cause denial of service. | |||||
| CVE-2022-29797 | 1 Huawei | 2 Cv81-wdm, Cv81-wdm Firmware | 2022-06-18 | 10.0 HIGH | 9.8 CRITICAL |
| There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation. | |||||
| CVE-2022-22259 | 1 Huawei | 2 Flmg-10, Flmg-10 Firmware | 2022-06-18 | 7.2 HIGH | 6.8 MEDIUM |
| There is an improper authentication vulnerability in FLMG-10 10.0.1.0(H100SP22C00). Successful exploitation of this vulnerability may lead to a control of the victim device. | |||||
| CVE-2022-31754 | 1 Huawei | 2 Emui, Magic Ui | 2022-06-18 | 5.0 MEDIUM | 7.5 HIGH |
| Logical defects in code implementation in some products. Successful exploitation of this vulnerability may affect the availability of some features. | |||||
| CVE-2022-31761 | 1 Huawei | 2 Emui, Magic Ui | 2022-06-18 | 5.0 MEDIUM | 7.5 HIGH |
| Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality. | |||||
| CVE-2021-46812 | 1 Huawei | 2 Emui, Harmonyos | 2022-06-18 | 5.0 MEDIUM | 7.5 HIGH |
| The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity. | |||||
| CVE-2022-31752 | 1 Huawei | 2 Emui, Magic Ui | 2022-06-18 | 2.1 LOW | 5.5 MEDIUM |
| Missing authorization vulnerability in the system components. Successful exploitation of this vulnerability will affect confidentiality. | |||||
| CVE-2022-31763 | 1 Huawei | 2 Emui, Harmonyos | 2022-06-18 | 4.9 MEDIUM | 5.5 MEDIUM |
| The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-31759 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-18 | 2.1 LOW | 5.5 MEDIUM |
| AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2022-31756 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-06-18 | 2.1 LOW | 5.5 MEDIUM |
| The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-46789 | 1 Huawei | 1 Emui | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| Configuration defects in the secure OS module. Successful exploitation of this vulnerability can affect availability. | |||||
| CVE-2022-29793 | 1 Huawei | 2 Emui, Harmonyos | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| There is a configuration defect in the activation lock of mobile phones.Successful exploitation of this vulnerability may affect application availability. | |||||
| CVE-2022-22252 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-05-26 | 7.8 HIGH | 7.5 HIGH |
| The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability. | |||||
| CVE-2021-46786 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-05-23 | 7.5 HIGH | 9.8 CRITICAL |
| The audio module has a vulnerability in verifying the parameters passed by the application space.Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||||
| CVE-2021-46787 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The AMS module has a vulnerability of improper permission control.Successful exploitation of this vulnerability may cause non-system application processes to crash. | |||||
| CVE-2021-46788 | 1 Huawei | 2 Emui, Magic Ui | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| Third-party pop-up window coverage vulnerability in the iConnect module.Successful exploitation of this vulnerability may cause system pop-up window may be covered to mislead users to perform incorrect operations. | |||||
| CVE-2022-22260 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 6.4 MEDIUM | 9.1 CRITICAL |
| The kernel module has a UAF vulnerability.Successful exploitation of this vulnerability will affect data integrity and availability. | |||||
| CVE-2022-29789 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the properties used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-22261 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-29791 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-29790 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The graphics acceleration service has a vulnerability in multi-thread access to the database.Successful exploitation of this vulnerability may cause service exceptions. | |||||
| CVE-2022-29792 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2022-29794 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 7.5 HIGH | 9.8 CRITICAL |
| The frame scheduling module has a Use After Free (UAF) vulnerability.Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality. | |||||
| CVE-2022-29796 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services. | |||||
| CVE-2022-29795 | 1 Huawei | 2 Emui, Harmonyos | 2022-05-23 | 5.0 MEDIUM | 7.5 HIGH |
| The frame scheduling module has a null pointer dereference vulnerability. Successful exploitation of this vulnerability will affect the kernel availability. | |||||
| CVE-2022-22258 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| The Wi-Fi module has an event notification vulnerability.Successful exploitation of this vulnerability may allow third-party applications to intercept event notifications and add information and result in elevation-of-privilege. | |||||