Harmonyos
by Huawei
CVEs (1,067)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-22460 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism. | ||
| CVE-2021-22459 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable. | ||
| CVE-2021-22456 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable. | ||
| CVE-2021-22455 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released. | ||
| CVE-2021-22454 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump. | ||
| CVE-2021-22452 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address. | ||
| CVE-2021-22450 | Med | 0.36 | 5.5 | 0.00 | Oct 28, 2021 | A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory exhaustion. | ||
| CVE-2021-22295 | Med | 0.36 | 5.5 | 0.00 | Aug 6, 2021 | A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler. | ||
| CVE-2021-22424 | Med | 0.36 | 5.5 | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service. | ||
| CVE-2021-22419 | Med | 0.36 | 5.5 | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos. | ||
| CVE-2021-22417 | Med | 0.36 | 5.5 | 0.00 | Aug 3, 2021 | A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage. | ||
| CVE-2021-22318 | Med | 0.36 | 5.5 | 0.00 | Jul 14, 2021 | A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service. | ||
| CVE-2021-22296 | Med | 0.36 | 5.5 | 0.00 | Mar 2, 2021 | A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system. | ||
| CVE-2021-40009 | Med | 0.35 | 5.3 | 0.01 | Jan 10, 2022 | There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity. | ||
| CVE-2021-40003 | Med | 0.35 | 5.3 | 0.01 | Jan 10, 2022 | HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality. | ||
| CVE-2021-40001 | Med | 0.35 | 5.3 | 0.01 | Jan 10, 2022 | The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable. | ||
| CVE-2021-37013 | Med | 0.35 | 5.3 | 0.01 | Nov 23, 2021 | There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the availability of users is affected. | ||
| CVE-2023-52112 | Med | 0.34 | 5.3 | 0.00 | Jan 16, 2024 | Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to perform abnormally. | ||
| CVE-2023-6273 | Med | 0.34 | 5.3 | 0.00 | Dec 6, 2023 | Permission management vulnerability in the module for disabling Sound Booster. Successful exploitation of this vulnerability may cause features to perform abnormally. | ||
| CVE-2023-46756 | Med | 0.34 | 5.3 | 0.00 | Nov 8, 2023 | Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows. |
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to bypass the control mechanism.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Incomplete Cleanup vulnerability. Local attackers may exploit this vulnerability to cause memory exhaustion.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability. Local attackers may exploit this vulnerability to cause Kernel Denial of Service.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability. Local attackers may exploit this vulnerability to cause persistent dos.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel Memory Leakage.
- risk 0.36cvss 5.5epss 0.00
A component of the HarmonyOS 2.0 has a Null Pointer Dereference Vulnerability. Local attackers may exploit this vulnerability to cause system denial of service.
- risk 0.36cvss 5.5epss 0.00
A component of HarmonyOS 2.0 has a DoS vulnerability. Local attackers may exploit this vulnerability to mount a file system to the target device, causing DoS of the file system.
- risk 0.35cvss 5.3epss 0.01
There is an Out-of-bounds write vulnerability in the AOD module in smartphones. Successful exploitation of this vulnerability may affect service integrity.
- risk 0.35cvss 5.3epss 0.01
HwPCAssistant has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
- risk 0.35cvss 5.3epss 0.01
The CaasKit module has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the MeeTime application to be unavailable.
- risk 0.35cvss 5.3epss 0.01
There is a Improper Input Validation vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the availability of users is affected.
- risk 0.34cvss 5.3epss 0.00
Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to perform abnormally.
- risk 0.34cvss 5.3epss 0.00
Permission management vulnerability in the module for disabling Sound Booster. Successful exploitation of this vulnerability may cause features to perform abnormally.
- risk 0.34cvss 5.3epss 0.00
Permission control vulnerability in the window management module. Successful exploitation of this vulnerability may cause malicious pop-up windows.
Page 28 of 54