Total
623 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-37242 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 9.8 CRITICAL |
Vulnerability of commands from the modem being intercepted in the atcmdserver module. Attackers may exploit this vulnerability to rewrite the non-volatile random-access memory (NVRAM), or facilitate the exploitation of other vulnerabilities. | |||||
CVE-2022-48508 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulnerability may affect service integrity. | |||||
CVE-2022-48498 | 1 Huawei | 1 Emui | 2023-12-10 | N/A | 7.5 HIGH |
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48480 | 1 Huawei | 1 Emui | 2023-12-10 | N/A | 7.5 HIGH |
Integer overflow vulnerability in some phones. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
CVE-2023-34160 | 1 Huawei | 1 Emui | 2023-12-10 | N/A | 5.3 MEDIUM |
Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled. | |||||
CVE-2022-48494 | 1 Huawei | 1 Emui | 2023-12-10 | N/A | 7.5 HIGH |
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized. | |||||
CVE-2021-46884 | 1 Huawei | 1 Emui | 2023-12-10 | N/A | 7.5 HIGH |
The video framework has memory overwriting caused by addition overflow. Successful exploitation of this vulnerability may affect availability. | |||||
CVE-2023-26547 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.8 HIGH |
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | |||||
CVE-2022-48509 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 5.9 MEDIUM |
Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally. | |||||
CVE-2023-37245 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 9.1 CRITICAL |
Buffer overflow vulnerability in the modem pinctrl module. Successful exploitation of this vulnerability may affect the integrity and availability of the modem. | |||||
CVE-2022-48361 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 5.3 MEDIUM |
The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitation of this vulnerability may cause a failure in reading AOD theme resources. | |||||
CVE-2023-1693 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
The Settings module has the file privilege escalation vulnerability.Successful exploitation of this vulnerability may affect confidentiality. | |||||
CVE-2022-48515 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
CVE-2023-34163 | 1 Huawei | 1 Emui | 2023-12-10 | N/A | 7.5 HIGH |
Permission control vulnerability in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally. | |||||
CVE-2022-48519 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality. | |||||
CVE-2021-46891 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 9.8 CRITICAL |
Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. | |||||
CVE-2022-48489 | 1 Huawei | 1 Emui | 2023-12-10 | N/A | 7.5 HIGH |
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2021-46892 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
Encryption bypass vulnerability in Maintenance mode. Successful exploitation of this vulnerability may affect service confidentiality. | |||||
CVE-2023-0117 | 1 Huawei | 1 Emui | 2023-12-10 | N/A | 5.3 MEDIUM |
The online authentication provided by the hwKitAssistant lacks strict identity verification of applications. Successful exploitation of this vulnerability may affect availability of features,such as MeeTime. | |||||
CVE-2022-48346 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality. |