Vulnerabilities (CVE)

Filtered by vendor Huawei Subscribe
Total 1449 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-37001 1 Huawei 1 Harmonyos 2022-08-15 N/A 7.5 HIGH
The diag-router module has a vulnerability in intercepting excessive long and short instructions. Successful exploitation of this vulnerability will cause the diag-router module to crash.
CVE-2022-37002 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-08-15 N/A 9.8 CRITICAL
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
CVE-2022-37003 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-08-15 N/A 9.8 CRITICAL
The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files.
CVE-2022-37004 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-08-15 N/A 7.5 HIGH
The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability.
CVE-2022-37005 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-08-15 N/A 7.5 HIGH
The Settings application has an argument injection vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-37006 1 Huawei 1 Emui 2022-08-15 N/A 7.5 HIGH
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability.
CVE-2022-37007 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-08-15 N/A 7.5 HIGH
The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability.
CVE-2022-37008 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-08-15 N/A 7.5 HIGH
The recovery module has a vulnerability of bypassing the verification of an update package before use. Successful exploitation of this vulnerability may affect system stability.
CVE-2021-33646 2 Feep, Huawei 2 Libtar, Openeuler 2022-08-13 N/A 7.5 HIGH
The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.
CVE-2021-33645 2 Feep, Huawei 2 Libtar, Openeuler 2022-08-13 N/A 7.5 HIGH
The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.
CVE-2021-33644 2 Feep, Huawei 2 Libtar, Openeuler 2022-08-13 N/A 8.1 HIGH
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
CVE-2021-33643 2 Feep, Huawei 2 Libtar, Openeuler 2022-08-13 N/A 9.1 CRITICAL
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
CVE-2021-40030 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-08-12 N/A 7.5 HIGH
The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-40034 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-08-12 N/A 7.5 HIGH
The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability.
CVE-2021-40040 1 Huawei 2 Emui, Magic Ui 2022-08-12 N/A 7.5 HIGH
Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2021-40052 1 Huawei 1 Harmonyos 2022-08-10 7.8 HIGH 7.5 HIGH
There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability.
CVE-2022-34742 1 Huawei 3 Emui, Harmonyos, Magic Ui 2022-08-10 5.0 MEDIUM 7.5 HIGH
The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2021-46741 1 Huawei 2 Emui, Harmonyos 2022-08-10 5.0 MEDIUM 7.5 HIGH
The basic framework and setting module have defects, which were introduced during the design. Successful exploitation of this vulnerability may affect system integrity.
CVE-2021-40012 1 Huawei 1 Emui 2022-08-10 5.0 MEDIUM 7.5 HIGH
Vulnerability of pointers being incorrectly used during data transmission in the video framework. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2021-33656 2 Huawei, Linux 2 Openeuler, Linux Kernel 2022-07-28 N/A 7.8 HIGH
When setting font with malicous data by ioctl cmd PIO_FONT,kernel will write memory out of bounds.