Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-56442 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | |||
| CVE-2024-56441 | 0.00 | — | 0.00 | Jan 8, 2025 | Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-56440 | 0.00 | — | 0.00 | Jan 8, 2025 | Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | |||
| CVE-2024-56439 | 0.00 | — | 0.00 | Jan 8, 2025 | Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-56438 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-56437 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2023-52955 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | |||
| CVE-2023-52954 | 0.00 | — | 0.00 | Jan 8, 2025 | Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2023-52953 | 0.00 | — | 0.00 | Jan 8, 2025 | Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||
| CVE-2024-56436 | 0.00 | — | 0.00 | Jan 8, 2025 | Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-56435 | 0.00 | — | 0.00 | Jan 8, 2025 | Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-56434 | 0.00 | — | 0.00 | Jan 8, 2025 | UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device. | |||
| CVE-2021-22484 | 0.00 | — | 0.00 | Dec 28, 2024 | Some Huawei wearables have a vulnerability of not verifying the actual data size when reading data. Successful exploitation of this vulnerability may cause a server out of memory (OOM). | |||
| CVE-2021-37000 | 0.00 | — | 0.00 | Dec 28, 2024 | Some Huawei wearables have a permission management vulnerability. | |||
| CVE-2024-54122 | 0.00 | — | 0.00 | Dec 12, 2024 | Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability. | |||
| CVE-2024-54119 | 0.00 | — | 0.00 | Dec 12, 2024 | Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-54117 | 0.00 | — | 0.00 | Dec 12, 2024 | Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2024-54116 | 0.00 | — | 0.00 | Dec 12, 2024 | Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | |||
| CVE-2024-54115 | 0.00 | — | 0.00 | Dec 12, 2024 | Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability. | |||
| CVE-2024-54114 | 0.00 | — | 0.00 | Dec 12, 2024 | Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability. |
- CVE-2024-56442Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of native APIs not being implemented in the NFC service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
- CVE-2024-56441Jan 8, 2025risk 0.00cvss —epss 0.00
Race condition vulnerability in the Bastet module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-56440Jan 8, 2025risk 0.00cvss —epss 0.00
Permission control vulnerability in the Connectivity module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
- CVE-2024-56439Jan 8, 2025risk 0.00cvss —epss 0.00
Access control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-56438Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-56437Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of input parameters not being verified in the widget framework module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2023-52955Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of improper authentication in the ANS system service module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
- CVE-2023-52954Jan 8, 2025risk 0.00cvss —epss 0.00
Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2023-52953Jan 8, 2025risk 0.00cvss —epss 0.00
Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
- CVE-2024-56436Jan 8, 2025risk 0.00cvss —epss 0.00
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-56435Jan 8, 2025risk 0.00cvss —epss 0.00
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-56434Jan 8, 2025risk 0.00cvss —epss 0.00
UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device.
- CVE-2021-22484Dec 28, 2024risk 0.00cvss —epss 0.00
Some Huawei wearables have a vulnerability of not verifying the actual data size when reading data. Successful exploitation of this vulnerability may cause a server out of memory (OOM).
- CVE-2021-37000Dec 28, 2024risk 0.00cvss —epss 0.00
Some Huawei wearables have a permission management vulnerability.
- CVE-2024-54122Dec 12, 2024risk 0.00cvss —epss 0.00
Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.
- CVE-2024-54119Dec 12, 2024risk 0.00cvss —epss 0.00
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-54117Dec 12, 2024risk 0.00cvss —epss 0.00
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2024-54116Dec 12, 2024risk 0.00cvss —epss 0.00
Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
- CVE-2024-54115Dec 12, 2024risk 0.00cvss —epss 0.00
Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.
- CVE-2024-54114Dec 12, 2024risk 0.00cvss —epss 0.00
Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability.
Page 15 of 54