Total
593 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-48346 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality. | |||||
CVE-2022-48349 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 9.1 CRITICAL |
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability. | |||||
CVE-2022-48355 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 6.5 MEDIUM |
The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vulnerability can cause the Bluetooth process to crash. | |||||
CVE-2023-34154 | 1 Huawei | 1 Harmonyos | 2023-12-10 | N/A | 8.2 HIGH |
Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of this vulnerability will cause third-party apps to create windows in an arbitrary way, consuming system resources. | |||||
CVE-2023-34157 | 1 Huawei | 1 Harmonyos | 2023-12-10 | N/A | 6.5 MEDIUM |
Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may cause repeated pop-up windows of the app. | |||||
CVE-2023-37240 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 9.1 CRITICAL |
Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read. | |||||
CVE-2022-48313 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 6.5 MEDIUM |
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality. | |||||
CVE-2021-46893 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
Vulnerability of unstrict data verification and parameter check. Successful exploitation of this vulnerability may affect integrity. | |||||
CVE-2021-46894 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 9.8 CRITICAL |
Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this vulnerability may lead to kernel privilege escalation. | |||||
CVE-2023-37239 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program. | |||||
CVE-2022-48359 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect confidentiality. | |||||
CVE-2023-34164 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability. | |||||
CVE-2023-37241 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
Input verification vulnerability in the WMS API. Successful exploitation of this vulnerability may cause the device to restart. | |||||
CVE-2022-48514 | 1 Huawei | 1 Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
The Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitation of this vulnerability may affect confidentiality. | |||||
CVE-2022-48357 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the kernel. | |||||
CVE-2022-48298 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
The geofencing kernel code does not verify the length of the input data. Successful exploitation of this vulnerability may cause out-of-bounds memory access. | |||||
CVE-2022-46761 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
The system has a vulnerability that may cause dynamic hiding and restoring of app icons.Successful exploitation of this vulnerability may cause malicious hiding of app icons. | |||||
CVE-2022-48289 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
The bundle management module lacks authentication and control mechanisms in some APIs. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
CVE-2022-48301 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 7.5 HIGH |
The bundle management module lacks permission verification in some APIs. Successful exploitation of this vulnerability may restore the pre-installed apps that have been uninstalled. | |||||
CVE-2022-48292 | 1 Huawei | 2 Emui, Harmonyos | 2023-12-10 | N/A | 6.5 MEDIUM |
The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. |