Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-49240 | 0.00 | — | 0.00 | Dec 6, 2023 | Unauthorized access vulnerability in the launcher module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-49239 | 0.00 | — | 0.00 | Dec 6, 2023 | Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-49246 | 0.00 | — | 0.00 | Dec 6, 2023 | Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-49245 | 0.00 | — | 0.00 | Dec 6, 2023 | Unauthorized access vulnerability in the Huawei Share module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-49244 | 0.00 | — | 0.00 | Dec 6, 2023 | Permission management vulnerability in the multi-user module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-49243 | 0.00 | — | 0.00 | Dec 6, 2023 | Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-49242 | 0.00 | — | 0.00 | Dec 6, 2023 | Free broadcast vulnerability in the running management module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-49241 | 0.00 | — | 0.00 | Dec 6, 2023 | API permission control vulnerability in the network management module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-44113 | 0.00 | — | 0.00 | Dec 6, 2023 | Vulnerability of missing permission verification for APIs in the Designed for Reliability (DFR) module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-44099 | 0.00 | — | 0.01 | Dec 6, 2023 | Vulnerability of data verification errors in the kernel module. Successful exploitation of this vulnerability may cause WLAN interruption. | |||
| CVE-2023-49248 | 0.00 | — | 0.00 | Dec 6, 2023 | Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access. | |||
| CVE-2023-49247 | 0.00 | — | 0.00 | Dec 6, 2023 | Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-46773 | 0.00 | — | 0.01 | Dec 6, 2023 | Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation. | |||
| CVE-2023-46759 | 0.00 | — | 0.00 | Nov 8, 2023 | Permission control vulnerability in the call module. Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2023-46758 | 0.00 | — | 0.00 | Nov 8, 2023 | Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device. | |||
| CVE-2023-46757 | 0.00 | — | 0.00 | Nov 8, 2023 | The remote PIN module has a vulnerability that causes incorrect information storage locations.Successful exploitation of this vulnerability may affect confidentiality. | |||
| CVE-2023-46756 | 0.00 | — | 0.00 | Nov 8, 2023 | Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows. | |||
| CVE-2023-46755 | 0.00 | — | 0.00 | Nov 8, 2023 | Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart. | |||
| CVE-2023-46764 | 0.00 | — | 0.00 | Nov 8, 2023 | Unauthorized startup vulnerability of background apps. Successful exploitation of this vulnerability may cause background apps to start maliciously. | |||
| CVE-2023-46763 | 0.00 | — | 0.00 | Nov 8, 2023 | Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously. |
- CVE-2023-49240Dec 6, 2023risk 0.00cvss —epss 0.00
Unauthorized access vulnerability in the launcher module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-49239Dec 6, 2023risk 0.00cvss —epss 0.00
Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-49246Dec 6, 2023risk 0.00cvss —epss 0.00
Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-49245Dec 6, 2023risk 0.00cvss —epss 0.00
Unauthorized access vulnerability in the Huawei Share module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-49244Dec 6, 2023risk 0.00cvss —epss 0.00
Permission management vulnerability in the multi-user module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-49243Dec 6, 2023risk 0.00cvss —epss 0.00
Vulnerability of unauthorized access to email attachments in the email module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-49242Dec 6, 2023risk 0.00cvss —epss 0.00
Free broadcast vulnerability in the running management module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-49241Dec 6, 2023risk 0.00cvss —epss 0.00
API permission control vulnerability in the network management module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-44113Dec 6, 2023risk 0.00cvss —epss 0.00
Vulnerability of missing permission verification for APIs in the Designed for Reliability (DFR) module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-44099Dec 6, 2023risk 0.00cvss —epss 0.01
Vulnerability of data verification errors in the kernel module. Successful exploitation of this vulnerability may cause WLAN interruption.
- CVE-2023-49248Dec 6, 2023risk 0.00cvss —epss 0.00
Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access.
- CVE-2023-49247Dec 6, 2023risk 0.00cvss —epss 0.00
Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-46773Dec 6, 2023risk 0.00cvss —epss 0.01
Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation.
- CVE-2023-46759Nov 8, 2023risk 0.00cvss —epss 0.00
Permission control vulnerability in the call module. Successful exploitation of this vulnerability may affect service confidentiality.
- CVE-2023-46758Nov 8, 2023risk 0.00cvss —epss 0.00
Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.
- CVE-2023-46757Nov 8, 2023risk 0.00cvss —epss 0.00
The remote PIN module has a vulnerability that causes incorrect information storage locations.Successful exploitation of this vulnerability may affect confidentiality.
- CVE-2023-46756Nov 8, 2023risk 0.00cvss —epss 0.00
Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.
- CVE-2023-46755Nov 8, 2023risk 0.00cvss —epss 0.00
Vulnerability of input parameters being not strictly verified in the input. Successful exploitation of this vulnerability may cause the launcher to restart.
- CVE-2023-46764Nov 8, 2023risk 0.00cvss —epss 0.00
Unauthorized startup vulnerability of background apps. Successful exploitation of this vulnerability may cause background apps to start maliciously.
- CVE-2023-46763Nov 8, 2023risk 0.00cvss —epss 0.00
Vulnerability of background app permission management in the framework module. Successful exploitation of this vulnerability may cause background apps to start maliciously.
Page 25 of 54