Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-49248 | Med | 0.36 | 5.5 | 0.00 | Dec 6, 2023 | Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access. | ||
| CVE-2022-48518 | Med | 0.36 | 5.5 | 0.00 | Jul 6, 2023 | Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the… | ||
| CVE-2022-41590 | Med | 0.36 | 5.5 | 0.00 | Dec 20, 2022 | Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability. | ||
| CVE-2022-31763 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability. | ||
| CVE-2022-31759 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability. | ||
| CVE-2022-31756 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality. | ||
| CVE-2022-31755 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability. | ||
| CVE-2022-31751 | Med | 0.36 | 5.5 | 0.00 | Jun 13, 2022 | The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability. | ||
| CVE-2021-22479 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2022 | The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash. | ||
| CVE-2021-22478 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2022 | The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage. | ||
| CVE-2021-22441 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2022 | Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash. | ||
| CVE-2021-40045 | Med | 0.36 | 5.5 | 0.00 | Feb 9, 2022 | There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality. | ||
| CVE-2021-40037 | Med | 0.36 | 5.5 | 0.00 | Jan 10, 2022 | There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart. | ||
| CVE-2021-22471 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash. | ||
| CVE-2021-22467 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address. | ||
| CVE-2021-22466 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash. | ||
| CVE-2021-22465 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable. | ||
| CVE-2021-22463 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Use After Free vulnerability . Local attackers may exploit this vulnerability to cause Kernel Information disclosure. | ||
| CVE-2021-22462 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash. | ||
| CVE-2021-22461 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash. |
- risk 0.36cvss 5.5epss 0.00
Vulnerability of unauthorized file access in the Settings app. Successful exploitation of this vulnerability may cause unauthorized file access.
- risk 0.36cvss 5.5epss 0.00
Vulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the…
- risk 0.36cvss 5.5epss 0.00
Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.
- risk 0.36cvss 5.5epss 0.00
The kernel module has the null pointer and out-of-bounds array vulnerabilities. Successful exploitation of this vulnerability may affect system availability.
- risk 0.36cvss 5.5epss 0.00
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
- risk 0.36cvss 5.5epss 0.00
The fingerprint sensor module has design defects. Successful exploitation of this vulnerability may affect data confidentiality.
- risk 0.36cvss 5.5epss 0.00
The communication module has a vulnerability of improper permission preservation. Successful exploitation of this vulnerability may affect system availability.
- risk 0.36cvss 5.5epss 0.00
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
- risk 0.36cvss 5.5epss 0.00
The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.
- risk 0.36cvss 5.5epss 0.00
The interface of a certain HarmonyOS module has a UAF vulnerability. Successful exploitation of this vulnerability may lead to information leakage.
- risk 0.36cvss 5.5epss 0.00
Some Huawei products have an integer overflow vulnerability. Successful exploitation of this vulnerability may lead to kernel crash.
- risk 0.36cvss 5.5epss 0.00
There is a vulnerability of signature verification mechanism failure in system upgrade through recovery mode.Successful exploitation of this vulnerability may affect service confidentiality.
- risk 0.36cvss 5.5epss 0.00
There is a Vulnerability of accessing resources using an incompatible type (type confusion) in the MPTCP subsystem in smartphones. Successful exploitation of this vulnerability may cause the system to crash and restart.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Use After Free vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Use After Free vulnerability . Local attackers may exploit this vulnerability to cause Kernel Information disclosure.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause kernel crash.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Allocation of Resources Without Limits or Throttling vulnerability. Local attackers may exploit this vulnerability to cause nearby process crash.
Page 27 of 54